TA17-117A Intrusions Affecting Multiple Victims Across Multiple Sectors
Summary
US-CERT IR-ALERT-MED-17-093-0, TA17-117A
The National Cybersecurity and Communications Integration Center (NCCIC) has become aware
of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple
malware implants. Initial victims have been identified in several sectors, including information
technology, energy, healthcare and public health, communications, and critical manufacturing.
According to preliminary analysis, threat actors appear to be leveraging stolen administrative
credentials (local and domain) and certificates, along with placing sophisticated malware
implants on critical systems. Some of the campaign victims have been IT service providers,
where credential compromises could potentially be leveraged to access customer environments.
Depending on the defensive mitigations in place, the threat actor could possibly gain full access
to networks and data in a way that appears legitimate to existing monitoring tools.
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 86.92
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1007 - System Service Discovery
- T1040 - Network Sniffing
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1596 - Search Open Technical Databases
- T1112 - Modify Registry
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1534 - Internal Spearphishing
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1598 - Phishing for Information
- T1070.004 - File Deletion
- T1111 - Multi-Factor Authentication Interception
- T1105 - Ingress Tool Transfer
- T1587 - Develop Capabilities
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
- T1584.001 - Domains
- T1078.003 - Local Accounts
Link to MITRE →
Score: 21.10
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1190 - Exploit Public-Facing Application
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1584.002 - DNS Server
- T1078.003 - Local Accounts
Link to MITRE →
Score: 38.38
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1021 - Remote Services
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1078.001 - Default Accounts
- T1588.001 - Malware
- T1210 - Exploitation of Remote Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1588.005 - Exploits
Link to MITRE →
Score: 28.53
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1112 - Modify Registry
- T1590 - Gather Victim Network Information
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1136 - Create Account
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 8.59
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1190 - Exploit Public-Facing Application
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
Link to MITRE →
Score: 59.98
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1497 - Virtualization/Sandbox Evasion
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1656 - Impersonation
- T1070.004 - File Deletion
- T1204.004 - Malicious Copy and Paste
- T1587 - Develop Capabilities
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 65.30
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1586.001 - Social Media Accounts
- T1598.003 - Spearphishing Link
- T1040 - Network Sniffing
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1591.002 - Business Relationships
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1592.002 - Software
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1078.002 - Domain Accounts
- T1499 - Endpoint Denial of Service
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 22.24
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1598.003 - Spearphishing Link
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
Link to MITRE →
Score: 63.64
Matched TTPs:
- T1597.002 - Purchase Technical Data
- T1586.002 - Email Accounts
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
- T1588.001 - Malware
- T1621 - Multi-Factor Authentication Request Generation
- T1552.008 - Chat Messages
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1531 - Account Access Removal
- T1589.001 - Credentials
- T1584.002 - DNS Server
- T1656 - Impersonation
- T1591.004 - Identify Roles
- T1111 - Multi-Factor Authentication Interception
- T1213.005 - Messaging Applications
Link to MITRE →
Score: 64.65
Matched TTPs:
- T1584.008 - Network Devices
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1590.004 - Network Topology
- T1584.003 - Virtual Private Server
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1590.006 - Network Security Appliances
- T1584.005 - Botnet
- T1591 - Gather Victim Org Information
- T1590 - Gather Victim Network Information
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1591.004 - Identify Roles
- T1070.004 - File Deletion
- T1584.004 - Server
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
Link to MITRE →
Score: 59.17
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1040 - Network Sniffing
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1557.004 - Evil Twin
- T1595.002 - Vulnerability Scanning
- T1596 - Search Open Technical Databases
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1598 - Phishing for Information
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1669 - Wi-Fi Networks
- T1211 - Exploitation for Defense Evasion
Link to MITRE →
Score: 18.15
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1583.006 - Web Services
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1598 - Phishing for Information
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 32.20
Matched TTPs:
- T1584.008 - Network Devices
- T1586.001 - Social Media Accounts
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1078 - Valid Accounts
- T1589.001 - Credentials
- T1203 - Exploitation for Client Execution
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 11.78
Matched TTPs:
- T1583.008 - Malvertising
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1105 - Ingress Tool Transfer
- T1584.001 - Domains
Link to MITRE →
Score: 23.85
Matched TTPs:
- T1587.001 - Malware
- T1590.004 - Network Topology
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1078.001 - Default Accounts
- T1657 - Financial Theft
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 21.60
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1105 - Ingress Tool Transfer
- T1587 - Develop Capabilities
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 51.56
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1070 - Indicator Removal
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
- T1008 - Fallback Channels
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 45.10
Matched TTPs:
- T1587.001 - Malware
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1112 - Modify Registry
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1555.004 - Windows Credential Manager
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1008 - Fallback Channels
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 30.89
Matched TTPs:
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1190 - Exploit Public-Facing Application
- T1078.001 - Default Accounts
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1212 - Exploitation for Credential Access
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1008 - Fallback Channels
Link to MITRE →
Score: 9.98
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 22.42
Matched TTPs:
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1590.004 - Network Topology
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1588.002 - Tool
- T1136 - Create Account
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 37.62
Matched TTPs:
- T1587.001 - Malware
- T1586.003 - Cloud Accounts
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1649 - Steal or Forge Authentication Certificates
- T1583.006 - Web Services
- T1621 - Multi-Factor Authentication Request Generation
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
- T1078.003 - Local Accounts
Link to MITRE →
Score: 20.37
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 4.44
Matched TTPs:
- T1587.001 - Malware
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 20.68
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1102 - Web Service
- T1199 - Trusted Relationship
- T1056.002 - GUI Input Capture
- T1573.002 - Asymmetric Cryptography
- T1537 - Transfer Data to Cloud Account
- T1070.004 - File Deletion
Link to MITRE →
Score: 6.40
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 41.48
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1584.003 - Virtual Private Server
- T1112 - Modify Registry
- T1588.001 - Malware
- T1102 - Web Service
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1584.006 - Web Services
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 14.19
Matched TTPs:
- T1587.001 - Malware
- T1583.005 - Botnet
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 57.96
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1176.002 - IDE Extensions
- T1070 - Indicator Removal
- T1102 - Web Service
- T1608 - Stage Capabilities
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1678 - Delay Execution
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1622 - Debugger Evasion
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 18.77
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1595.002 - Vulnerability Scanning
- T1102 - Web Service
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 34.10
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1583.006 - Web Services
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1105 - Ingress Tool Transfer
- T1008 - Fallback Channels
- T1078.003 - Local Accounts
Link to MITRE →
Score: 47.23
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1588.001 - Malware
- T1657 - Financial Theft
- T1621 - Multi-Factor Authentication Request Generation
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1656 - Impersonation
- T1598 - Phishing for Information
- T1136 - Create Account
- T1538 - Cloud Service Dashboard
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Link to MITRE →
Score: 18.00
Matched TTPs:
- T1484.002 - Trust Modification
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1482 - Domain Trust Discovery
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
- T1537 - Transfer Data to Cloud Account
Link to MITRE →
Score: 5.60
Matched TTPs:
- T1497.001 - System Checks
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 16.79
Matched TTPs:
- T1497.001 - System Checks
- T1082 - System Information Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1497.002 - User Activity Based Checks
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 35.92
Matched TTPs:
- T1497.001 - System Checks
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1102 - Web Service
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 14.20
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1598.002 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 4.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1588.002 - Tool
- T1078 - Valid Accounts
Link to MITRE →
Score: 27.08
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1102 - Web Service
- T1583.006 - Web Services
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1078.003 - Local Accounts
Link to MITRE →
Score: 58.59
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1562 - Impair Defenses
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1078.001 - Default Accounts
- T1482 - Domain Trust Discovery
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1592.002 - Software
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1078.002 - Domain Accounts
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1591.001 - Determine Physical Locations
- T1566.003 - Spearphishing via Service
- T1584.001 - Domains
Link to MITRE →
Score: 9.81
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1584.006 - Web Services
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 33.18
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1591.002 - Business Relationships
- T1598.002 - Spearphishing Attachment
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 15.18
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 29.37
Matched TTPs:
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1593.003 - Code Repositories
- T1592.004 - Client Configurations
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1590 - Gather Victim Network Information
- T1199 - Trusted Relationship
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 16.74
Matched TTPs:
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1562.006 - Indicator Blocking
- T1070 - Indicator Removal
- T1078.002 - Domain Accounts
- T1070.004 - File Deletion
Link to MITRE →
Score: 14.85
Matched TTPs:
- T1007 - System Service Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 23.44
Matched TTPs:
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1021 - Remote Services
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 30.54
Matched TTPs:
- T1007 - System Service Discovery
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1110.004 - Credential Stuffing
- T1589.001 - Credentials
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1556.001 - Domain Controller Authentication
- T1070.004 - File Deletion
- T1111 - Multi-Factor Authentication Interception
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 27.84
Matched TTPs:
- T1007 - System Service Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1588.001 - Malware
- T1583.006 - Web Services
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1584.006 - Web Services
- T1584.004 - Server
Link to MITRE →
Score: 5.22
Matched TTPs:
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 9.12
Matched TTPs:
- T1007 - System Service Discovery
- T1588.001 - Malware
- T1588.002 - Tool
- T1584.001 - Domains
Link to MITRE →
Score: 14.38
Matched TTPs:
- T1040 - Network Sniffing
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
- T1078.003 - Local Accounts
- T1211 - Exploitation for Defense Evasion
Link to MITRE →
Score: 10.32
Matched TTPs:
- T1040 - Network Sniffing
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 8.42
Matched TTPs:
- T1040 - Network Sniffing
- T1588.002 - Tool
- T1200 - Hardware Additions
Link to MITRE →
Score: 3.95
Matched TTPs:
- T1082 - System Information Discovery
- T1518 - Software Discovery
Link to MITRE →
Score: 29.18
Matched TTPs:
- T1082 - System Information Discovery
- T1562 - Impair Defenses
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1491.001 - Internal Defacement
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 37.41
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1562.006 - Indicator Blocking
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1656 - Impersonation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
- T1480.001 - Environmental Keying
- T1008 - Fallback Channels
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 9.89
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1588.002 - Tool
- T1574.012 - COR_PROFILER
Link to MITRE →
Score: 22.79
Matched TTPs:
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 15.72
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 14.34
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1102 - Web Service
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 9.50
Matched TTPs:
- T1082 - System Information Discovery
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 8.82
Matched TTPs:
- T1082 - System Information Discovery
- T1102 - Web Service
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Link to MITRE →
Score: 6.54
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
Link to MITRE →
Score: 5.63
Matched TTPs:
- T1082 - System Information Discovery
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
Link to MITRE →
Score: 13.36
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 19.39
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1583.006 - Web Services
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 10.77
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1078.002 - Domain Accounts
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 7.05
Matched TTPs:
- T1082 - System Information Discovery
- T1012 - Query Registry
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 23.30
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1070 - Indicator Removal
- T1102 - Web Service
- T1588.002 - Tool
- T1573.002 - Asymmetric Cryptography
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1111 - Multi-Factor Authentication Interception
Link to MITRE →
Score: 15.51
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1598.002 - Spearphishing Attachment
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1584.001 - Domains
Link to MITRE →
Score: 3.88
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
Link to MITRE →
Score: 4.79
Matched TTPs:
- T1082 - System Information Discovery
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 20.31
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1102 - Web Service
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 14.91
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 14.20
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1056.003 - Web Portal Capture
- T1584.006 - Web Services
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 26.41
Matched TTPs:
- T1082 - System Information Discovery
- T1021 - Remote Services
- T1112 - Modify Registry
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 9.15
Matched TTPs:
- T1082 - System Information Discovery
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 32.21
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1650 - Acquire Access
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 7.06
Matched TTPs:
- T1082 - System Information Discovery
- T1012 - Query Registry
- T1555.004 - Windows Credential Manager
Link to MITRE →
Score: 6.30
Matched TTPs:
- T1586.002 - Email Accounts
- T1583.006 - Web Services
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 9.74
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1102 - Web Service
- T1583.006 - Web Services
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 23.06
Matched TTPs:
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 11.97
Matched TTPs:
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 5.09
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 15.98
Matched TTPs:
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1497 - Virtualization/Sandbox Evasion
- T1583.006 - Web Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1656 - Impersonation
Score: 16.90
Matched TTPs:
- T1608.001 - Upload Malware
- T1102 - Web Service
- T1597 - Search Closed Sources
- T1593.001 - Social Media
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 5.55
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.001 - Malware
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 7.50
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1199 - Trusted Relationship
- T1566 - Phishing
Score: 3.81
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
Score: 15.02
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1102 - Web Service
- T1210 - Exploitation of Remote Services
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Score: 9.33
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1105 - Ingress Tool Transfer
Score: 11.39
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 8.18
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1566.003 - Spearphishing via Service
Score: 4.52
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1105 - Ingress Tool Transfer
Score: 4.84
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1105 - Ingress Tool Transfer
Score: 17.35
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1537 - Transfer Data to Cloud Account
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 11.29
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1584.005 - Botnet
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
Score: 10.53
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 4.54
Matched TTPs:
- T1659 - Content Injection
Score: 6.26
Matched TTPs:
- T1112 - Modify Registry
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 7.84
Matched TTPs:
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1012 - Query Registry
Score: 5.25
Matched TTPs:
- T1112 - Modify Registry
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1105 - Ingress Tool Transfer
Score: 12.81
Matched TTPs:
- T1482 - Domain Trust Discovery
- T1657 - Financial Theft
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1531 - Account Access Removal
Score: 18.27
Matched TTPs:
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1566.004 - Spearphishing Voice
- T1656 - Impersonation
- T1036.010 - Masquerade Account Name
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 5.47
Matched TTPs:
- T1588.001 - Malware
- T1588.002 - Tool
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 8.57
Matched TTPs:
- T1588.001 - Malware
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 8.67
Matched TTPs:
- T1542.002 - Component Firmware
- T1480.001 - Environmental Keying
Score: 15.99
Matched TTPs:
- T1102 - Web Service
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1070.004 - File Deletion
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 5.81
Matched TTPs:
- T1657 - Financial Theft
- T1566 - Phishing
Score: 4.28
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 9.43
Matched TTPs:
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
Score: 5.02
Matched TTPs:
- T1210 - Exploitation of Remote Services
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 5.56
Matched TTPs:
- T1056.002 - GUI Input Capture
- T1078 - Valid Accounts
Score: 9.15
Matched TTPs:
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 3.65
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
Score: 3.60
Matched TTPs:
- T1588.002 - Tool
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.32
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1078.003 - Local Accounts
Score: 4.67
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
Score: 3.89
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 4.77
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
Score: 4.78
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1584.001 - Domains
Score: 4.19
Matched TTPs:
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
Score: 3.30
Matched TTPs:
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.82
Matched TTPs:
- T1102.001 - Dead Drop Resolver
- T1656 - Impersonation
- T1105 - Ingress Tool Transfer
- T1586.002 - Email Accounts
- T1587 - Develop Capabilities
- T1608.001 - Upload Malware
- T1596 - Search Open Technical Databases
- T1593 - Search Open Websites/Domains
- T1012 - Query Registry
- T1007 - System Service Discovery
- T1584.001 - Domains
- T1518.001 - Security Software Discovery
- T1598 - Phishing for Information
- T1111 - Multi-Factor Authentication Interception
- T1583.006 - Web Services
- T1657 - Financial Theft
- T1562.001 - Disable or Modify Tools
- T1588.002 - Tool
- T1591 - Gather Victim Org Information
- T1112 - Modify Registry
- T1078.003 - Local Accounts
- T1040 - Network Sniffing
- T1190 - Exploit Public-Facing Application
- T1588.005 - Exploits
- T1102.002 - Bidirectional Communication
- T1598.003 - Spearphishing Link
- T1534 - Internal Spearphishing
- T1082 - System Information Discovery
- T1566 - Phishing
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1593.001 - Social Media
- T1070.004 - File Deletion
Score: 0.67
Matched TTPs:
- T1491.002 - External Defacement
- T1105 - Ingress Tool Transfer
- T1592.002 - Software
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
- T1591.002 - Business Relationships
- T1199 - Trusted Relationship
- T1078.002 - Domain Accounts
- T1586.001 - Social Media Accounts
- T1588.002 - Tool
- T1040 - Network Sniffing
- T1078 - Valid Accounts
- T1190 - Exploit Public-Facing Application
- T1203 - Exploitation for Client Execution
- T1102.002 - Bidirectional Communication
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1195 - Supply Chain Compromise
- T1584.005 - Botnet
- T1595.002 - Vulnerability Scanning
- T1499 - Endpoint Denial of Service
- T1584.004 - Server
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1070.004 - File Deletion
Score: 0.66
Matched TTPs:
- T1531 - Account Access Removal
- T1656 - Impersonation
- T1598.004 - Spearphishing Voice
- T1586.002 - Email Accounts
- T1591.002 - Business Relationships
- T1199 - Trusted Relationship
- T1589 - Gather Victim Identity Information
- T1111 - Multi-Factor Authentication Interception
- T1588.001 - Malware
- T1584.002 - DNS Server
- T1588.002 - Tool
- T1591.004 - Identify Roles
- T1213.005 - Messaging Applications
- T1078 - Valid Accounts
- T1593.003 - Code Repositories
- T1589.001 - Credentials
- T1552.008 - Chat Messages
- T1597.002 - Purchase Technical Data
- T1621 - Multi-Factor Authentication Request Generation
Score: 0.65
Matched TTPs:
- T1590.006 - Network Security Appliances
- T1105 - Ingress Tool Transfer
- T1593 - Search Open Websites/Domains
- T1012 - Query Registry
- T1007 - System Service Discovery
- T1590 - Gather Victim Network Information
- T1589 - Gather Victim Identity Information
- T1078.002 - Domain Accounts
- T1518 - Software Discovery
- T1588.002 - Tool
- T1591 - Gather Victim Org Information
- T1112 - Modify Registry
- T1591.004 - Identify Roles
- T1078 - Valid Accounts
- T1584.003 - Virtual Private Server
- T1190 - Exploit Public-Facing Application
- T1590.004 - Network Topology
- T1596.005 - Scan Databases
- T1497.001 - System Checks
- T1584.008 - Network Devices
- T1584.005 - Botnet
- T1584.004 - Server
- T1070.004 - File Deletion
Score: 0.62
Matched TTPs:
- T1105 - Ingress Tool Transfer
- T1586.002 - Email Accounts
- T1596 - Search Open Technical Databases
- T1210 - Exploitation of Remote Services
- T1669 - Wi-Fi Networks
- T1199 - Trusted Relationship
- T1598 - Phishing for Information
- T1583.006 - Web Services
- T1211 - Exploitation for Defense Evasion
- T1588.002 - Tool
- T1591 - Gather Victim Org Information
- T1040 - Network Sniffing
- T1078 - Valid Accounts
- T1190 - Exploit Public-Facing Application
- T1203 - Exploitation for Client Execution
- T1102.002 - Bidirectional Communication
- T1557.004 - Evil Twin
- T1598.003 - Spearphishing Link
- T1584.008 - Network Devices
- T1595.002 - Vulnerability Scanning
- T1589.001 - Credentials
- T1070.004 - File Deletion
Score: 0.61
Matched TTPs:
- T1591.001 - Determine Physical Locations
- T1078.001 - Default Accounts
- T1105 - Ingress Tool Transfer
- T1592.002 - Software
- T1586.002 - Email Accounts
- T1584.001 - Domains
- T1589 - Gather Victim Identity Information
- T1078.002 - Domain Accounts
- T1583.006 - Web Services
- T1562.001 - Disable or Modify Tools
- T1588.002 - Tool
- T1112 - Modify Registry
- T1190 - Exploit Public-Facing Application
- T1102.002 - Bidirectional Communication
- T1598.003 - Spearphishing Link
- T1562 - Impair Defenses
- T1082 - System Information Discovery
- T1595.002 - Vulnerability Scanning
- T1566.003 - Spearphishing via Service
- T1482 - Domain Trust Discovery
- T1036.010 - Masquerade Account Name
- T1589.001 - Credentials
- T1070.004 - File Deletion
Score: 0.60
Matched TTPs:
- T1681 - Search Threat Vendor Data
- T1656 - Impersonation
- T1587 - Develop Capabilities
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
- T1589 - Gather Victim Identity Information
- T1204.004 - Malicious Copy and Paste
- T1583.006 - Web Services
- T1657 - Financial Theft
- T1562.001 - Disable or Modify Tools
- T1588.002 - Tool
- T1593.003 - Code Repositories
- T1497 - Virtualization/Sandbox Evasion
- T1082 - System Information Discovery
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1588.007 - Artificial Intelligence
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1593.001 - Social Media
- T1070.004 - File Deletion
Score: 0.58
Matched TTPs:
- T1001.003 - Protocol or Service Impersonation
- T1105 - Ingress Tool Transfer
- T1608 - Stage Capabilities
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
- T1583.006 - Web Services
- T1070 - Indicator Removal
- T1518 - Software Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1598.003 - Spearphishing Link
- T1102 - Web Service
- T1082 - System Information Discovery
- T1027.007 - Dynamic API Resolution
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1622 - Debugger Evasion
- T1587.001 - Malware
- T1176.002 - IDE Extensions
- T1678 - Delay Execution
- T1070.004 - File Deletion
Score: 0.55
Matched TTPs:
- T1001.003 - Protocol or Service Impersonation
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
- T1491.001 - Internal Defacement
- T1012 - Query Registry
- T1583.006 - Web Services
- T1070 - Indicator Removal
- T1562.001 - Disable or Modify Tools
- T1588.002 - Tool
- T1591 - Gather Victim Org Information
- T1078 - Valid Accounts
- T1008 - Fallback Channels
- T1203 - Exploitation for Client Execution
- T1102.002 - Bidirectional Communication
- T1082 - System Information Discovery
- T1566.003 - Spearphishing via Service
- T1027.007 - Dynamic API Resolution
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1584.004 - Server
- T1587.001 - Malware
- T1070.004 - File Deletion
Related CVEs
No CVEs were found for this Pulse.