Exfiltration to Cloud Storage
Sharepoint
Account Access Removal
Domain Trust Discovery
Match Legitimate Resource Name or Location
Valid Accounts
Steal or Forge Kerberos Tickets
Remote System Discovery
Remote Desktop Protocol
PowerShell
Financial Theft
Data Encrypted for Impact
External Remote Services
Binary Padding
Disable or Modify Tools
Remote Access Tools
Archive via Utility