Pioneer Kitten (aka Fox Kitten, PARISITE) · APT Atlas
Pioneer Kitten
APT · IR · Iran
AKA: Fox Kitten · PARISITE · Br0k3r · RUBIDIUM
Mandiant: UNC757
Microsoft: Lemon Sandstorm
IRGC-affiliated cluster involved in espionage and access brokering.
Targets: 25
Sectors: 18
Threat types: 2
GIRs covered: 0/480
Active since: 2017
Victimology
Geographic footprint · 25 countries
origin · Iran
targeted countries · 25
ASIA · 12: United Arab Emirates · China · Indonesia · Israel · India · Macau · Maldives · Philippines · Qatar · Saudi Arabia · Singapore · Taiwan
OCEANIA · 1: Australia
EUROPE · 7: Belgium · Belarus · Switzerland · France · United Kingdom · Ireland · Norway
AMERICAS · 4: Canada · Guatemala · Mexico · United States
AFRICA · 1: Ghana
Sectors targeted · 18 of 40
Government · 83 actors
Defense · 60 actors
Aviation · 19 actors
Financial Services · 61 actors
Healthcare · 38 actors
Technology · 51 actors
Telecom · 57 actors
Retail & Hospitality · 25 actors
Energy / Utilities · 49 actors
Education & Research · 50 actors
Manufacturing (man) · 40 actors
Media & Journalism · 41 actors
Transportation · 25 actors
Logistics · 18 actors
Hospitality · 26 actors
Consulting / Professional Services · 26 actors
Industrials / Engineering · 23 actors
Chemicals · 15 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
ext · Extortion
MITRE ATT&CK · 32 techniques

Resource Development · 1
T1585 Establish Accounts

Initial Access · 1
T1190 Exploit Public-Facing Application

Execution · 4
T1053.005 Scheduled Task
T1059 Command and Scripting Interpreter
T1059.001 PowerShell
T1059.003 Windows Command Shell

Credential Access · 5
T1003.001 LSASS Memory
T1003.003 NTDS
T1110 Brute Force
T1552.001 Credentials In Files
T1555.005 Password Managers

Discovery · 5
T1012 Query Registry
T1018 Remote System Discovery
T1046 Network Service Discovery
T1083 File and Directory Discovery
T1217 Browser Information Discovery

Lateral Movement · 5
T1021.001 Remote Desktop Protocol
T1021.002 SMB/Windows Admin Shares
T1021.004 SSH
T1021.005 VNC
T1210 Exploitation of Remote Services

Collection · 4
T1005 Data from Local System
T1039 Data from Network Shared Drive
T1213.005 Messaging Applications
T1560.001 Archive via Utility

Command and Control · 3
T1090 Proxy
T1102 Web Service
T1105 Ingress Tool Transfer

Stealth · 4
T1027.010 Command Obfuscation
T1036.004 Masquerade Task or Service
T1036.005 Match Legitimate Resource Name or Location
T1078 Valid Accounts

GIR coverage
0 / 480 requirements satisfied
No GIRs mapped yet for this actor.

Related actors
By origin and actor type
APT2 · nation-state · China · 6 targets · since 2010
APT5 · nation-state · China · 15 targets · since 2007
APT8 · nation-state · China · 5 targets · since —
APT14 · nation-state · China · 15 targets · since —
APT17 · nation-state · China · 10 targets · since 2009
APT20 · nation-state · China · 14 targets · since 2011