T1566 - Initial Access - Phishing,
T1071 - Command and Control - Application Layer Protocol,
T1204 - Execution - User Execution,
T1056 - Credential Access - Input Capture,
T1204.002 - Execution - User Execution: Malicious File,
T1567 - Exfiltration - Exfiltration Over Web Service,
T1115 - Collection - Clipboard Data,
T1566.002 - Initial Access - Phishing: Spearphishing Link,
T1016 - Discovery - System Network Configuration Discovery,
T1056.001 - Credential Access - Input Capture: Keylogging,