Operation Harvest

Description

(McAfee) Following a recent Incident Response, McAfee Enterprise‘s Advanced Threat Research (ATR) team worked with its Professional Services IR team to support a case that initially started as a malware incident but ultimately turned out to be a long-term cyber-attack.

The diagram reflecting our outcome insinuated that Emissary Panda, APT 27, LuckyMouse, Bronze Union and APT 41 are the most likely candidates that overlap with the (sub-)techniques we observed.

Names

Name	Name-Giver
Operation Harvest	McAfee

Country

China

Motivation

Information theft and espionage

First Seen

2016

Tools

BadPotato
Impacket
Mimikatz
nbtscan
PlugX
ProcDump
PsExec
RottenPotato
SMBExec
Winnti
WinRAR

Information

https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/operation-harvest-a-deep-dive-into-a-long-term-campaign/

Other Information

Uuid

c4692959-b083-4fdc-9d6f-4a6cd1c9f44a

Last Card Change

2021-11-02

Threat Intelligence Garden

Explorer

Operation Harvest

Operation Harvest

Description

Names

Country

Motivation

First Seen

Tools

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks