← threatfilter.dev / all groups / Rancor
Rancor
Overview
Rancor is a threat group that has led targeted campaigns against the South East Asia region. Rancor uses politically-motivated lures to entice victims to open malicious documents.
Targets
Civil society · Government
Regions
Cambodia · Singapore
TTPs — 9 techniques across 5 tactics
Initial Access
-
T1566.001Spearphishing Attachment
Execution
-
T1053.005Scheduled Task -
T1059.003Windows Command Shell -
T1059.005Visual Basic -
T1204.002Malicious File
Privilege Escalation
Stealth
-
T1218.007Msiexec
Command and Control
-
T1071.001Web Protocols -
T1105Ingress Tool Transfer
Tools & malware (4)
Reg · DDKONG · PLAINTEE · certutil