T1566 - Initial Access - Phishing,
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1059 - Execution - Command and Scripting Interpreter,
T1119 - Collection - Automated Collection,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,
T1567 - Exfiltration - Exfiltration Over Web Service,
T1560 - Collection - Archive Collected Data,
T1005 - Collection - Data from Local System,