Home/ Threat Actors/ GCMAN

🌐GCMAN

🌐 GCMAN is a tracked threat actor in the Clankerusecase corpus. ??-aligned. Primary motivation: Unknown. We map 6 detection use cases to this actor across 2 MITRE ATT&CK techniques, with 0 threat-intel articles citing them.

View full actor card → All threat actors MITRE ATT&CK group spec (G0036) ↗

6Use cases

0Articles

2Techniques

0IOCs

About this actor (MITRE)

[GCMAN](https://attack.mitre.org/groups/G0036) is a threat group that focuses on targeting banks for the purpose of transferring money to e-currency services. (Citation: Securelist GCMAN)

Known aliases

GCMAN

Top techniques

T1021.004 · SSH T1021.005 · VNC

Detection use cases (6)

Cisco IOS XE Remote Access Probe Burst MITRE match Cisco Privileged Account Creation with HTTP Command Execution MITRE match ESXi SSH Enabled MITRE match Linux SSH Remote Services Script Execute MITRE match Windows Protocol Tunneling with Plink MITRE match Windows PuTTY Suite Utility Execution MITRE match