Brute-force attacks
Dictionary attacks
Abuse of MS-SQL Bulk Copy Program (BCP) utility
Malware delivery via SQL database tables
Deployment of ICE Cloud Client (Go-based)
Deployment of Trigona ransomware
Deployment of Mimic ransomware
Use of AnyDesk for persistence and remote access
Use of Teramind for remote monitoring
Use of curl for secondary payload delivery
System reconnaissance (hostname, whoami, ipconfig, netstat, tasklist)