Trusted Design

Dridex, Vawtrak and others increase focus on Canada

概要

The spam messages we observed used several different tactics to deliver malicious payloads to users, including macros, packager shell objects (aka OLE objects), and links. The first example, a campaign observed on May 17, 2016, uses a fake Microsoft security alert social engineering lure to trick the victim into opening a link that leads to an executable download. The user would have to then open the downloaded executable in order to infect their computer. In this case the payload was Kronos, a banking Trojan which was introduced in July of 2014 [1]. This instance of Kronos was configured to target US, Canadian, and Australian financial sites.

Created: 2026-02-23

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 65.05
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1055.012 - Process Hollowing
  • T1027 - Obfuscated Files or Information
  • T1102.002 - Bidirectional Communication
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1027.010 - Command Obfuscation
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
MITREへのリンク →

Sea Turtle

Score: 13.75
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Ember Bear

Score: 28.77
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1114 - Email Collection
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1571 - Non-Standard Port
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits
MITREへのリンク →

Indrik Spider

Score: 11.04
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1585.002 - Email Accounts
  • T1584.004 - Server
MITREへのリンク →

Agrius

Score: 8.26
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
MITREへのリンク →

Contagious Interview

Score: 51.21
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1204.005 - Malicious Library
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1656 - Impersonation
  • T1543.001 - Launch Agent
  • T1027.010 - Command Obfuscation
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Sandworm Team

Score: 62.42
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1585.002 - Email Accounts
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1027 - Obfuscated Files or Information
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1027.010 - Command Obfuscation
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Star Blizzard

Score: 18.55
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
MITREへのリンク →

Lazarus Group

Score: 60.28
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218 - System Binary Proxy Execution
  • T1010 - Application Window Discovery
  • T1585.002 - Email Accounts
  • T1070 - Indicator Removal
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1036.003 - Rename Legitimate Utilities
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

TA577

Score: 9.32
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1566.002 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Moonstone Sleet

Score: 29.46
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1027 - Obfuscated Files or Information
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

LAPSUS$

Score: 32.94
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1586.002 - Email Accounts
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1656 - Impersonation
  • T1213.005 - Messaging Applications
MITREへのリンク →

Scattered Spider

Score: 34.63
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1114 - Email Collection
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1213.005 - Messaging Applications
MITREへのリンク →

FIN4

Score: 12.73
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1056.002 - GUI Input Capture
  • T1204.001 - Malicious Link
MITREへのリンク →

APT41

Score: 26.69
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1027 - Obfuscated Files or Information
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1027.002 - Software Packing
  • T1569.002 - Service Execution
MITREへのリンク →

TA551

Score: 9.85
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1027.010 - Command Obfuscation
MITREへのリンク →

Volt Typhoon

Score: 26.74
Matched TTPs:
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1218 - System Binary Proxy Execution
  • T1010 - Application Window Discovery
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1584.004 - Server
  • T1518 - Software Discovery
MITREへのリンク →

APT28

Score: 55.14
Matched TTPs:
  • T1584.008 - Network Devices
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1546.015 - Component Object Model Hijacking
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
  • T1550.001 - Application Access Token
  • T1001.001 - Junk Data
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

ZIRCONIUM

Score: 25.83
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

Leviathan

Score: 36.11
Matched TTPs:
  • T1584.008 - Network Devices
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Mustard Tempest

Score: 18.66
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link
MITREへのリンク →

Silent Librarian

Score: 9.22
Matched TTPs:
  • T1114 - Email Collection
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1588.002 - Tool
MITREへのリンク →

Magic Hound

Score: 41.32
Matched TTPs:
  • T1114 - Email Collection
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1562 - Impair Defenses
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

FIN13

Score: 15.09
Matched TTPs:
  • T1587.001 - Malware
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
MITREへのリンク →

OilRig

Score: 31.65
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 20.32
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1205.001 - Port Knocking
  • T1212 - Exploitation for Credential Access
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LuminousMoth

Score: 17.62
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

APT29

Score: 28.71
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.003 - Cloud Accounts
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.006 - HTML Smuggling
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Play

Score: 8.80
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
MITREへのリンク →

Aoqin Dragon

Score: 9.47
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
MITREへのリンク →

RedCurl

Score: 18.17
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1056.002 - GUI Input Capture
  • T1027 - Obfuscated Files or Information
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
MITREへのリンク →

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

Turla

Score: 26.79
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Ke3chang

Score: 14.29
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1614.001 - System Language Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

Mustang Panda

Score: 58.35
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1176.002 - IDE Extensions
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1518 - Software Discovery
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
MITREへのリンク →

TeamTNT

Score: 12.40
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1027.002 - Software Packing
MITREへのリンク →

FIN7

Score: 43.54
Matched TTPs:
  • T1587.001 - Malware
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1674 - Input Injection
  • T1583.006 - Web Services
  • T1497.002 - User Activity Based Checks
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1027.010 - Command Obfuscation
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

Cobalt Group

Score: 14.35
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
MITREへのリンク →

MuddyWater

Score: 26.97
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

Sidewinder

Score: 21.13
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

APT37

Score: 12.35
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Gallmaker

Score: 6.70
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

BITTER

Score: 8.72
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

TA505

Score: 21.27
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

Patchwork

Score: 22.59
Matched TTPs:
  • T1559.002 - Dynamic Data Exchange
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1055.012 - Process Hollowing
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

Malteiro

Score: 9.38
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
MITREへのリンク →

APT12

Score: 5.55
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Machete

Score: 9.52
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Elderwood

Score: 9.78
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

Transparent Tribe

Score: 13.43
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
MITREへのリンク →

Dragonfly

Score: 25.96
Matched TTPs:
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

WIRTE

Score: 6.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
MITREへのリンク →

RTM

Score: 5.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT-C-36

Score: 7.20
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

CURIUM

Score: 17.35
Matched TTPs:
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Tropic Trooper

Score: 11.87
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1564.001 - Hidden Files and Directories
MITREへのリンク →

Dark Caracal

Score: 10.57
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.001 - Compiled HTML File
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

PLATINUM

Score: 10.15
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1056.004 - Credential API Hooking
MITREへのリンク →

menuPass

Score: 15.91
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1055.012 - Process Hollowing
  • T1036.003 - Rename Legitimate Utilities
MITREへのリンク →

HEXANE

Score: 23.04
Matched TTPs:
  • T1204.002 - Malicious File
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
MITREへのリンク →

FIN8

Score: 9.71
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
MITREへのリンク →

Threat Group-3390

Score: 27.82
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1055.012 - Process Hollowing
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
MITREへのリンク →

LazyScripter

Score: 17.49
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
MITREへのリンク →

PROMETHIUM

Score: 6.69
Matched TTPs:
  • T1204.002 - Malicious File
  • T1205.001 - Port Knocking
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT39

Score: 19.74
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

Higaisa

Score: 10.30
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
MITREへのリンク →

Rancor

Score: 4.95
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
MITREへのリンク →

Wizard Spider

Score: 11.87
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

Storm-1811

Score: 23.21
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1656 - Impersonation
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Inception

Score: 9.27
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

EXOTIC LILY

Score: 15.27
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1102 - Web Service
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Ajax Security Team

Score: 4.19
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Saint Bear

Score: 13.59
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN6

Score: 11.82
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Whitefly

Score: 3.37
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1588.002 - Tool
MITREへのリンク →

TA459

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Nomadic Octopus

Score: 3.85
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
MITREへのリンク →

Gorgon Group

Score: 7.23
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1055.012 - Process Hollowing
MITREへのリンク →

APT19

Score: 9.44
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
MITREへのリンク →

TA2541

Score: 16.97
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1055.012 - Process Hollowing
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

Earth Lusca

Score: 26.17
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1027 - Obfuscated Files or Information
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

SideCopy

Score: 11.74
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery
MITREへのリンク →

Mofang

Score: 4.47
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
MITREへのリンク →

Tonto Team

Score: 4.89
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Andariel

Score: 11.23
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

BRONZE BUTLER

Score: 14.01
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
MITREへのリンク →

APT38

Score: 21.67
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

Naikon

Score: 3.40
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
MITREへのリンク →

Molerats

Score: 9.32
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1204.001 - Malicious Link
MITREへのリンク →

admin@338

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Gamaredon Group

Score: 39.96
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1027 - Obfuscated Files or Information
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
MITREへのリンク →

Darkhotel

Score: 10.62
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT32

Score: 37.11
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

The White Company

Score: 5.21
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
MITREへのリンク →

IndigoZebra

Score: 7.19
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
MITREへのリンク →

APT33

Score: 9.21
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Silence

Score: 12.61
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1571 - Non-Standard Port
  • T1027.010 - Command Obfuscation
  • T1569.002 - Service Execution
MITREへのリンク →

Confucius

Score: 7.98
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

BlackTech

Score: 10.02
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Windshift

Score: 15.98
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1027 - Obfuscated Files or Information
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Evilnum

Score: 4.54
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1204.001 - Malicious Link
MITREへのリンク →

APT3

Score: 10.37
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
MITREへのリンク →

APT1

Score: 7.92
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

APT42

Score: 15.73
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1656 - Impersonation
MITREへのリンク →

Winter Vivern

Score: 12.85
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Chimera

Score: 10.28
Matched TTPs:
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1027.010 - Command Obfuscation
  • T1569.002 - Service Execution
MITREへのリンク →

Cinnamon Tempest

Score: 8.14
Matched TTPs:
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
MITREへのリンク →

Velvet Ant

Score: 10.66
Matched TTPs:
  • T1574.001 - DLL
  • T1571 - Non-Standard Port
  • T1569.002 - Service Execution
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

Aquatic Panda

Score: 6.91
Matched TTPs:
  • T1574.001 - DLL
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
MITREへのリンク →

GALLIUM

Score: 11.68
Matched TTPs:
  • T1574.001 - DLL
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1036.003 - Rename Legitimate Utilities
  • T1027.002 - Software Packing
MITREへのリンク →

Daggerfly

Score: 13.91
Matched TTPs:
  • T1574.001 - DLL
  • T1195.002 - Compromise Software Supply Chain
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

BackdoorDiplomacy

Score: 8.80
Matched TTPs:
  • T1574.001 - DLL
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

BlackByte

Score: 22.16
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1562 - Impair Defenses
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1491.001 - Internal Defacement
  • T1055.012 - Process Hollowing
  • T1614.001 - System Language Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

Rocke

Score: 18.59
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1571 - Non-Standard Port
  • T1027 - Obfuscated Files or Information
  • T1027.004 - Compile After Delivery
  • T1027.002 - Software Packing
  • T1564.001 - Hidden Files and Directories
MITREへのリンク →

GOLD SOUTHFIELD

Score: 9.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566 - Phishing
  • T1195.002 - Compromise Software Supply Chain
  • T1027.010 - Command Obfuscation
MITREへのリンク →

Medusa Group

Score: 28.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1650 - Acquire Access
  • T1027.010 - Command Obfuscation
  • T1027.002 - Software Packing
  • T1569.002 - Service Execution
  • T1218.014 - MMC
MITREへのリンク →

Storm-0501

Score: 9.67
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
  • T1027.002 - Software Packing
MITREへのリンク →

Fox Kitten

Score: 9.70
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1027.010 - Command Obfuscation
  • T1213.005 - Messaging Applications
MITREへのリンク →

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Blue Mockingbird

Score: 4.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

INC Ransom

Score: 10.53
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1569.002 - Service Execution
MITREへのリンク →

Axiom

Score: 20.71
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1553 - Subvert Trust Controls
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography
MITREへのリンク →

HAFNIUM

Score: 18.44
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
MITREへのリンク →

APT5

Score: 5.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1070 - Indicator Removal
MITREへのリンク →

MoustachedBouncer

Score: 6.59
Matched TTPs:
  • T1659 - Content Injection
  • T1027.002 - Software Packing
MITREへのリンク →

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
MITREへのリンク →

POLONIUM

Score: 5.26
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

DarkVishnya

Score: 7.78
Matched TTPs:
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1200 - Hardware Additions
MITREへのリンク →

Leafminer

Score: 4.48
Matched TTPs:
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
MITREへのリンク →

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Windigo

Score: 4.51
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.80
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1204.001 - Malicious Link
  • T1608.001 - Upload Malware
  • T1499 - Endpoint Denial of Service
  • T1588.002 - Tool
  • T1491.002 - External Defacement
  • T1585.002 - Email Accounts
  • T1571 - Non-Standard Port
  • T1195.002 - Compromise Software Supply Chain
  • T1027.010 - Command Obfuscation
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1583 - Acquire Infrastructure
  • T1591.002 - Business Relationships
  • T1592.002 - Software
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1584.005 - Botnet
  • T1204.002 - Malicious File
  • T1598.003 - Spearphishing Link
MITREへのリンク →

Kimsuky

Score: 0.80
Matched TTPs:
  • T1534 - Internal Spearphishing
  • T1102.002 - Bidirectional Communication
  • T1055.012 - Process Hollowing
  • T1204.001 - Malicious Link
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1176.001 - Browser Extensions
  • T1585.002 - Email Accounts
  • T1656 - Impersonation
  • T1586.002 - Email Accounts
  • T1027.010 - Command Obfuscation
  • T1657 - Financial Theft
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1588.005 - Exploits
  • T1190 - Exploit Public-Facing Application
  • T1583 - Acquire Infrastructure
  • T1566.001 - Spearphishing Attachment
  • T1566 - Phishing
  • T1027 - Obfuscated Files or Information
  • T1140 - Deobfuscate/Decode Files or Information
  • T1027.002 - Software Packing
  • T1027.012 - LNK Icon Smuggling
  • T1204.002 - Malicious File
  • T1598 - Phishing for Information
  • T1583.006 - Web Services
  • T1598.003 - Spearphishing Link
MITREへのリンク →

Lazarus Group

Score: 0.75
Matched TTPs:
  • T1070 - Indicator Removal
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1010 - Application Window Discovery
  • T1491.001 - Internal Defacement
  • T1001.003 - Protocol or Service Impersonation
  • T1588.002 - Tool
  • T1027.007 - Dynamic API Resolution
  • T1189 - Drive-by Compromise
  • T1585.002 - Email Accounts
  • T1571 - Non-Standard Port
  • T1587.001 - Malware
  • T1218 - System Binary Proxy Execution
  • T1564.001 - Hidden Files and Directories
  • T1566.002 - Spearphishing Link
  • T1566.003 - Spearphishing via Service
  • T1574.001 - DLL
  • T1566.001 - Spearphishing Attachment
  • T1036.003 - Rename Legitimate Utilities
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.009 - Embedded Payloads
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
MITREへのリンク →

Mustang Panda

Score: 0.75
Matched TTPs:
  • T1070 - Indicator Removal
  • T1204.001 - Malicious Link
  • T1001.003 - Protocol or Service Impersonation
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1027.007 - Dynamic API Resolution
  • T1585.002 - Email Accounts
  • T1586.002 - Email Accounts
  • T1102 - Web Service
  • T1587.001 - Malware
  • T1564.001 - Hidden Files and Directories
  • T1566.002 - Spearphishing Link
  • T1518 - Software Discovery
  • T1608 - Stage Capabilities
  • T1574.001 - DLL
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
  • T1176.002 - IDE Extensions
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.012 - LNK Icon Smuggling
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
  • T1598.003 - Spearphishing Link
MITREへのリンク →

APT28

Score: 0.73
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1036 - Masquerading
  • T1204.001 - Malicious Link
  • T1211 - Exploitation for Defense Evasion
  • T1588.002 - Tool
  • T1550.001 - Application Access Token
  • T1189 - Drive-by Compromise
  • T1001.001 - Junk Data
  • T1586.002 - Email Accounts
  • T1546.015 - Component Object Model Hijacking
  • T1559.002 - Dynamic Data Exchange
  • T1564.001 - Hidden Files and Directories
  • T1190 - Exploit Public-Facing Application
  • T1566.001 - Spearphishing Attachment
  • T1589.001 - Credentials
  • T1140 - Deobfuscate/Decode Files or Information
  • T1584.008 - Network Devices
  • T1203 - Exploitation for Client Execution
  • T1204.002 - Malicious File
  • T1598 - Phishing for Information
  • T1583.006 - Web Services
  • T1598.003 - Spearphishing Link
MITREへのリンク →

Contagious Interview

Score: 0.64
Matched TTPs:
  • T1036 - Masquerading
  • T1204.001 - Malicious Link
  • T1543.001 - Launch Agent
  • T1588.007 - Artificial Intelligence
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1656 - Impersonation
  • T1571 - Non-Standard Port
  • T1204.004 - Malicious Copy and Paste
  • T1027.010 - Command Obfuscation
  • T1657 - Financial Theft
  • T1587.001 - Malware
  • T1566.003 - Spearphishing via Service
  • T1583 - Acquire Infrastructure
  • T1204.005 - Malicious Library
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
MITREへのリンク →

FIN7

Score: 0.63
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1674 - Input Injection
  • T1497.002 - User Activity Based Checks
  • T1569.002 - Service Execution
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1571 - Non-Standard Port
  • T1195.002 - Compromise Software Supply Chain
  • T1027.010 - Command Obfuscation
  • T1587.001 - Malware
  • T1559.002 - Dynamic Data Exchange
  • T1564.001 - Hidden Files and Directories
  • T1608.004 - Drive-by Target
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る