Emerging Threats
Actor · 2020
GALLIUM
2 Rules
3 References
1 Folders
2024-11-23 Latest
Summary
GALLIUM is tracked here as a threat actor, intrusion set, or campaign with 2 Sigma detections spanning 2020. Coverage centers on windows / dns-server-analytic, windows / process_creation.
Related Detections
Emerging Threat · high · test
GALLIUM IOCs
Detects artifacts associated with GALLIUM cyber espionage group as reported by Microsoft Threat Intelligence Center in the December 2019 report.
Windows · Process Creation
TA0006 · Credential Access; TA0011 · Command and Control; T1212 · Exploitation for Credential Access; T1071 · Application Layer Protocol; +2
Tim Burrell · Fri Feb 07 2020
Emerging Threat · high · test
GALLIUM Artefacts - Builtin
Detects artefacts associated with activity group GALLIUM - Microsoft Threat Intelligence Center indicators released in December 2019.
Windows · dns-server-analytic
TA0006 · Credential Access; TA0011 · Command and Control; T1071 · Application Layer Protocol; detection.emerging-threats
Tim Burrell · Fri Feb 07 2020
References