APT
ATLAS
Atlas
Actors
Sectors
Requirements
⌘K
▸
sign in
Atlas
Actors
Sectors
Requirements
LOADING
Patchwork (aka Patchwork, VICEROY TIGER) · APT Atlas
Actors
/
Nation-state / APT
/
Asia
Patchwork
APT
IN · India
AKA
VICEROY TIGER · Operation Hangover · Dropping Elephant · Monsoon · Chinastrats · SectorE02 · ATK11 · Hangover
CrowdStrike
:
QUILTED TIGER
Targets
21
Sectors
14
Threat types
1
GIRs covered
0/480
Active since
2009
Pin to atlas
Watch
Share
Export
Victimology
Geographic footprint · 21 countries
Region filter
Export
origin · India
targeted countries · 21
ASIA ·
15
United Arab Emirates
·
Afghanistan
·
Bangladesh
·
China
·
Hong Kong
·
India
·
Iran
·
Sri Lanka
·
Mongolia
·
Oman
·
Pakistan
·
Saudi Arabia
·
Singapore
·
Türkiye
·
Taiwan
OCEANIA ·
1
Australia
AMERICAS ·
2
Canada
·
United States
EUROPE ·
3
United Kingdom
·
Norway
·
Russia
Sectors targeted
14 of 40
Government
83 actors
Defense
60 actors
Aerospace
49 actors
Aviation
19 actors
Financial Services
61 actors
Healthcare
38 actors
Technology
51 actors
Telecom
57 actors
NGOs & Dissidents
47 actors
Media & Journalism
41 actors
Private Sector (generic)
28 actors
Extractive Industries
8 actors
Dissidents (as targets)
14 actors
Maritime
21 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 27 techniques
Initial Access
· 3
T1189
Drive-by Compromise
T1566.001
Spearphishing Attachment
T1566.002
Spearphishing Link
Execution
· 6
T1053.005
Scheduled Task
Persistence
· 1
Credential Access
· 1
T1555.003
Credentials from Web Browsers
Discovery
· 3
T1033
System Owner/User Discovery
Lateral Movement
· 1
T1021.001
Remote Desktop Protocol
Collection
· 3
T1005
Data from Local System
T1119
Automated Collection
T1560
Archive Collected Data
Command And Control
· 2
T1102.001
Dead Drop Resolver
Defense Impairment
· 1
T1112
Modify Registry
Stealth
· 6
T1027.002
Software Packing
GIR coverage
0 / 480 requirements satisfied
Open matrix
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2
nation-state
China · 6 targets · since 2010
APT5
nation-state
China · 15 targets · since 2007
APT8
nation-state
China · 5 targets · since —
APT14
nation-state
China · 15 targets · since —
APT17
nation-state
China · 10 targets · since 2009
APT20
nation-state
China · 14 targets · since 2011
T1059.001
PowerShell
T1059.003
Windows Command Shell
T1059.005
Visual Basic
T1203
Exploitation for Client Execution
T1204.001
Malicious Link
T1547.001
Registry Run Keys / Startup Folder
T1083
File and Directory Discovery
T1680
Local Storage Discovery
T1105
Ingress Tool Transfer
T1027.010
Command Obfuscation
T1036.005
Match Legitimate Resource Name or Location
T1055.012
Process Hollowing
T1070.004
File Deletion
T1197
BITS Jobs