Trusted Design

CVE-2015-5122 Exploited in Strategic Web Compromise

概要

On July 14, FireEye researchers discovered attacks exploiting the Adobe Flash vulnerability CVE-2015-5122, just four days after Adobe released a patch. CVE-2015-5122 was the second Adobe Flash zero-day revealed in the leak of HackingTeam’s internal data. The campaign targeted Japanese organizations by using at least two legitimate Japanese websites to host a strategic web compromise (SWC), where victims ultimately downloaded a variant of the SOGU malware.

Created: 2026-02-23

Indicators

類似Pulses

Operation Clandestine Wolf – Adobe Flash Zero-Day APT3 Phishing (score: 0.78)
An analysis of exploit supply chains and digital quartermasters (score: 0.75)
Killing a Zero-Day in the Egg: Adobe CVE-2016-1019 (score: 0.74)
Latest Flash Exploit Used in Pawn Storm (score: 0.73)
Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 (score: 0.72)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 9.76

Matched TTPs:

T1564.008 - Email Hiding Rules
T1218.010 - Regsvr32
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 15.05

Matched TTPs:

T1564.008 - Email Hiding Rules
T1686.003 - Windows Host Firewall
T1122 - Component Object Model Hijacking
T1218.010 - Regsvr32
T1546.016 - Installer Packages

MITREへのリンク →

Mustard Tempest

Score: 10.84

Matched TTPs:

T1682 - Query Public AI Services
T1059.012 - Hypervisor CLI
T1543.002 - Systemd Service

MITREへのリンク →

APT41

Score: 4.78

Matched TTPs:

T1560.003 - Archive via Custom Method
T1218.010 - Regsvr32

MITREへのリンク →

Scattered Spider

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Volt Typhoon

Score: 12.89

Matched TTPs:

T1560.003 - Archive via Custom Method
T1686.003 - Windows Host Firewall
T1546.016 - Installer Packages
T1569.002 - Service Execution

MITREへのリンク →

APT3

Score: 4.78

Matched TTPs:

T1560.003 - Archive via Custom Method
T1218.010 - Regsvr32

MITREへのリンク →

FIN13

Score: 6.21

Matched TTPs:

T1560.003 - Archive via Custom Method
T1569.002 - Service Execution

MITREへのリンク →

Storm-0501

Score: 3.84

Matched TTPs:

T1686.003 - Windows Host Firewall

MITREへのリンク →

APT29

Score: 15.15

Matched TTPs:

T1592.004 - Client Configurations
T1122 - Component Object Model Hijacking
T1218.010 - Regsvr32
T1218.009 - Regsvcs/Regasm
T1547.008 - LSASS Driver

MITREへのリンク →

APT32

Score: 9.85

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556 - Modify Authentication Process

MITREへのリンク →

BRONZE BUTLER

Score: 7.10

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT28

Score: 10.54

Matched TTPs:

T1122 - Component Object Model Hijacking
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1146 - Clear Command History

MITREへのリンク →

Threat Group-3390

Score: 6.01

Matched TTPs:

T1122 - Component Object Model Hijacking
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Sea Turtle

Score: 4.24

Matched TTPs:

T1122 - Component Object Model Hijacking
T1218.010 - Regsvr32

MITREへのリンク →

Dragonfly

Score: 6.09

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

EXOTIC LILY

Score: 4.02

Matched TTPs:

T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

Lazarus Group

Score: 22.27

Matched TTPs:

T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1055.005 - Thread Local Storage
T1547.008 - LSASS Driver
T1569.002 - Service Execution
T1556 - Modify Authentication Process

MITREへのリンク →

Patchwork

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Axiom

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Higaisa

Score: 8.27

Matched TTPs:

T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage
T1569.002 - Service Execution

MITREへのリンク →

Leviathan

Score: 6.09

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

APT37

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustang Panda

Score: 12.22

Matched TTPs:

T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Darkhotel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

OilRig

Score: 11.30

Matched TTPs:

T1218.010 - Regsvr32
T1592.002 - Software
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

APT33

Score: 4.24

Matched TTPs:

T1218.010 - Regsvr32
T1556 - Modify Authentication Process

MITREへのリンク →

Windshift

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Earth Lusca

Score: 4.60

Matched TTPs:

T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

Dark Caracal

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 7.53

Matched TTPs:

T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1569.002 - Service Execution

MITREへのリンク →

CURIUM

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Daggerfly

Score: 4.60

Matched TTPs:

T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

Magic Hound

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Kimsuky

Score: 4.13

Matched TTPs:

T1003.003 - NTDS

MITREへのリンク →

Contagious Interview

Score: 5.27

Matched TTPs:

T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

FIN6

Score: 5.27

Matched TTPs:

T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.81

Matched TTPs:

T1556 - Modify Authentication Process
T1569.002 - Service Execution
T1547.008 - LSASS Driver
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1055.005 - Thread Local Storage
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Sandworm Team

Score: 0.60

Matched TTPs:

T1122 - Component Object Model Hijacking
T1686.003 - Windows Host Firewall
T1218.010 - Regsvr32
T1546.016 - Installer Packages
T1564.008 - Email Hiding Rules

MITREへのリンク →

APT29

Score: 0.59

Matched TTPs:

T1122 - Component Object Model Hijacking
T1547.008 - LSASS Driver
T1218.010 - Regsvr32
T1592.004 - Client Configurations
T1218.009 - Regsvcs/Regasm

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る