T1110 - Credential Access - Brute Force,
T1133 - Initial Access - External Remote Services,
T1078 - Initial Access - Valid Accounts,
T1552.001 - Credential Access - Unsecured Credentials: Credentials In Files,
T1027 - Defense Evasion - Obfuscated Files or Information,
T1005 - Collection - Data from Local System,
T1595 - Reconnaissance - Active Scanning,
T1572 - Command and Control - Protocol Tunneling,
T1059.004 - Execution - Command and Scripting Interpreter: Unix Shell,
T1048 - Exfiltration - Exfiltration Over Alternative Protocol,