[T1486: Data Encrypted for Impact](https://cmndcntrl.notion.site/T1486-Data-Encrypted-for-Impact-2008f81ca68847258758013d8ffeaf85)

[T1490: Inhibit System Recovery](https://cmndcntrl.notion.site/T1490-Inhibit-System-Recovery-bc900c7c69cc401093146326c62eb71a)

[T1027: Obfuscated Files or Information](https://cmndcntrl.notion.site/T1027-Obfuscated-Files-or-Information-0fcf4f9d405e41ef98e125dc141da8e0)

[T1047: Windows Management Instrumentation ](https://cmndcntrl.notion.site/T1047-Windows-Management-Instrumentation-ee220ee69d794e778c3d0599a50831f2)

[T1036: Masquerading](https://cmndcntrl.notion.site/T1036-Masquerading-a30625fd63304a1fb0b6a1f8fd77b475)

[T1059: Command & Scripting Interpreter](https://cmndcntrl.notion.site/T1059-Command-Scripting-Interpreter-34523300a9e448b29d1887e3db8103f3)

[T1562: Impair Defenses](https://cmndcntrl.notion.site/T1562-Impair-Defenses-271ff0d0adb249919674494be227c272)

[T1112: Modify Registry](https://cmndcntrl.notion.site/T1112-Modify-Registry-14dfca4a8a01486da3433118909548d2)

[T1204: User Execution](https://cmndcntrl.notion.site/T1204-User-Execution-840a2e91b9b542d8b3813f4ab06bb66c)

[T1055: Process Injection](https://cmndcntrl.notion.site/T1055-Process-Injection-be87c8ba590947c0bf748826834f9a0d)

Here's a table summarizing the key MITRE ATT&CK TTPs for the Sandworm Team and LockBit, associated with ransomware attacks:

RansomwareSim

https://github.com/cdong1012/Rust-Ransomware

https://www.cisa.gov/sites/default/files/publications/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf