Trusted Design

Trojan Emotet

Overview

Trojan Emotet: loaded through an infected document that set up a shell connection and downloaded a primary (Trojan.Emotet) and secondary Trojan.

Observed behaviors:
  • Searches for Windows Mail specific files
  • Tries to harvest and steal browser information (history, passwords, etc.)
  • Tries to steal Instant Messenger accounts or passwords
  • Tries to steal Mail credentials (via file access)
  • Tries to steal Mail credentials (via file registry)
  • May use bcdedit to modify the Windows boot settings
  • Drops executables to the windows directory (C:\Windows) and starts them

Created: 2026-02-23

Indicators

No indicators have been found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Scattered Spider

Score: 10.79
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1548.006 - TCC Manipulation

FIN4

Score: 7.24
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link

Malteiro

Score: 4.19
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1552.003 - Shell History

APT12

Score: 3.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

Kimsuky

Score: 20.52
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account
  • T1526 - Cloud Service Discovery
  • T1490 - Inhibit System Recovery

Machete

Score: 8.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1685.002 - Disable or Modify Cloud Log
  • T1059.012 - Hypervisor CLI

Elderwood

Score: 8.42
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1537 - Transfer Data to Cloud Account

Transparent Tribe

Score: 6.37
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Dragonfly

Score: 16.96
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1578.002 - Create Cloud Instance
  • T1059.012 - Hypervisor CLI
  • T1200 - Hardware Additions
  • T1548.006 - TCC Manipulation

Contagious Interview

Score: 9.65
Matched TTPs:
  • T1087.002 - Domain Account
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1221 - Template Injection

RTM

Score: 3.43
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI

Aoqin Dragon

Score: 4.33
Matched TTPs:
  • T1087.002 - Domain Account
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account

CURIUM

Score: 3.43
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI

Tropic Trooper

Score: 14.75
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1003.001 - LSASS Memory
  • T1218.010 - Regsvr32
  • T1200 - Hardware Additions
  • T1490 - Inhibit System Recovery

Dark Caracal

Score: 4.61
Matched TTPs:
  • T1087.002 - Domain Account
  • T1059.012 - Hypervisor CLI
  • T1537 - Transfer Data to Cloud Account

RedCurl

Score: 3.11
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link

DarkHydrus

Score: 4.81
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1200 - Hardware Additions

PLATINUM

Score: 7.97
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1686 - Disable or Modify System Firewall

menuPass

Score: 4.00
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1548.006 - TCC Manipulation

FIN8

Score: 6.26
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1526 - Cloud Service Discovery

Threat Group-3390

Score: 18.14
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1537 - Transfer Data to Cloud Account
  • T1526 - Cloud Service Discovery
  • T1546.017 - Udev Rules

BITTER

Score: 3.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

APT37

Score: 4.92
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

LazyScripter

Score: 3.11
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link

PROMETHIUM

Score: 7.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1059.012 - Hypervisor CLI
  • T1490 - Inhibit System Recovery

TA505

Score: 14.09
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1685.002 - Disable or Modify Cloud Log
  • T1138 - Application Shimming
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account

APT39

Score: 9.70
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1499.002 - Service Exhaustion Flood
  • T1537 - Transfer Data to Cloud Account

Higaisa

Score: 6.31
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1546.017 - Udev Rules

Rancor

Score: 4.95
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1685.002 - Disable or Modify Cloud Log

Wizard Spider

Score: 19.80
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1003.001 - LSASS Memory
  • T1597 - Search Closed Sources
  • T1556.009 - Conditional Access Policies
  • T1526 - Cloud Service Discovery
  • T1548.006 - TCC Manipulation

OilRig

Score: 17.85
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1592.002 - Software
  • T1556.009 - Conditional Access Policies
  • T1526 - Cloud Service Discovery

Sandworm Team

Score: 9.87
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1548.006 - TCC Manipulation

Magic Hound

Score: 13.55
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1070.003 - Clear Command History
  • T1597 - Search Closed Sources
  • T1578.002 - Create Cloud Instance
  • T1059.012 - Hypervisor CLI

Cobalt Group

Score: 13.60
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1518.002 - Backup Software Discovery
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32

Storm-1811

Score: 5.86
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1578.002 - Create Cloud Instance

Inception

Score: 6.31
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1200 - Hardware Additions

EXOTIC LILY

Score: 4.60
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

Saint Bear

Score: 7.01
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account

Lazarus Group

Score: 10.10
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

FIN6

Score: 5.80
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1548.006 - TCC Manipulation

Patchwork

Score: 8.42
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1537 - Transfer Data to Cloud Account

TA459

Score: 3.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

FIN7

Score: 15.18
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1011.001 - Exfiltration Over Bluetooth
  • T1573 - Encrypted Channel
  • T1490 - Inhibit System Recovery

Moonstone Sleet

Score: 4.59
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1573 - Encrypted Channel

APT28

Score: 19.49
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1200 - Hardware Additions
  • T1588.003 - Code Signing Certificates
  • T1548.006 - TCC Manipulation
  • T1546.007 - Netsh Helper DLL

Gorgon Group

Score: 3.46
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources

APT19

Score: 5.36
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI

TA2541

Score: 10.11
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account
  • T1546.017 - Udev Rules

Earth Lusca

Score: 5.94
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI

Mofang

Score: 6.26
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1546.017 - Udev Rules

Leviathan

Score: 9.52
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1546.017 - Udev Rules

Tonto Team

Score: 3.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

Andariel

Score: 4.92
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

BRONZE BUTLER

Score: 6.72
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

APT38

Score: 16.34
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1685.002 - Disable or Modify Cloud Log
  • T1138 - Application Shimming
  • T1597 - Search Closed Sources
  • T1059.012 - Hypervisor CLI
  • T1537 - Transfer Data to Cloud Account

MuddyWater

Score: 14.15
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1518.002 - Backup Software Discovery
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1059.013 - Container CLI/API

Mustang Panda

Score: 10.10
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1526 - Cloud Service Discovery
  • T1548.006 - TCC Manipulation

Molerats

Score: 9.55
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1685.002 - Disable or Modify Cloud Log
  • T1546.017 - Udev Rules

admin@338

Score: 3.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

Gamaredon Group

Score: 13.38
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API
  • T1200 - Hardware Additions
  • T1546.017 - Udev Rules

Darkhotel

Score: 4.92
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

APT32

Score: 10.97
Matched TTPs:
  • T1087.002 - Domain Account
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1490 - Inhibit System Recovery

The White Company

Score: 5.21
Matched TTPs:
  • T1087.002 - Domain Account
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account

APT33

Score: 4.60
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

Sidewinder

Score: 4.60
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32

APT29

Score: 16.45
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1177 - LSASS Driver
  • T1138 - Application Shimming
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
  • T1490 - Inhibit System Recovery

Confucius

Score: 7.75
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1200 - Hardware Additions

BlackTech

Score: 7.75
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1526 - Cloud Service Discovery

Windshift

Score: 4.88
Matched TTPs:
  • T1087.002 - Domain Account
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI

Medusa Group

Score: 15.19
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account
  • T1548.006 - TCC Manipulation
  • T1094 - Custom Command and Control Protocol

Aquatic Panda

Score: 3.73
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1597 - Search Closed Sources

APT41

Score: 14.91
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1177 - LSASS Driver
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
  • T1548.006 - TCC Manipulation

TeamTNT

Score: 5.79
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account

BlackByte

Score: 7.86
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1070.003 - Clear Command History
  • T1597 - Search Closed Sources

Ke3chang

Score: 4.28
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1548.006 - TCC Manipulation

APT3

Score: 13.84
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1177 - LSASS Driver
  • T1218.010 - Regsvr32
  • T1578.002 - Create Cloud Instance
  • T1537 - Transfer Data to Cloud Account

Agrius

Score: 3.73
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1597 - Search Closed Sources

Cinnamon Tempest

Score: 4.46
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1552.003 - Shell History

Mustard Tempest

Score: 7.75
Matched TTPs:
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI
  • T1543.002 - Systemd Service

ZIRCONIUM

Score: 6.79
Matched TTPs:
  • T1543.003 - Windows Service
  • T1685.002 - Disable or Modify Cloud Log
  • T1537 - Transfer Data to Cloud Account

Turla

Score: 15.14
Matched TTPs:
  • T1543.003 - Windows Service
  • T1003.001 - LSASS Memory
  • T1597 - Search Closed Sources
  • T1556.009 - Conditional Access Policies
  • T1059.012 - Hypervisor CLI
  • T1490 - Inhibit System Recovery

Deep Panda

Score: 3.29
Matched TTPs:
  • T1177 - LSASS Driver

Axiom

Score: 9.83
Matched TTPs:
  • T1177 - LSASS Driver
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Fox Kitten

Score: 5.63
Matched TTPs:
  • T1177 - LSASS Driver
  • T1548.006 - TCC Manipulation

INC Ransom

Score: 7.61
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1597 - Search Closed Sources

FIN13

Score: 4.86
Matched TTPs:
  • T1552.003 - Shell History
  • T1548.006 - TCC Manipulation

Storm-0501

Score: 4.58
Matched TTPs:
  • T1552.003 - Shell History
  • T1537 - Transfer Data to Cloud Account

AppleJeus

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall

Akira

Score: 4.32
Matched TTPs:
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources

Play

Score: 6.99
Matched TTPs:
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1490 - Inhibit System Recovery

Sea Turtle

Score: 11.07
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
  • T1059.013 - Container CLI/API
  • T1490 - Inhibit System Recovery

GOLD SOUTHFIELD

Score: 6.21
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1573 - Encrypted Channel

UNC3886

Score: 3.29
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32

Velvet Ant

Score: 4.46
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1490 - Inhibit System Recovery

Ember Bear

Score: 3.29
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32

Rocke

Score: 7.47
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API
  • T1537 - Transfer Data to Cloud Account

Daggerfly

Score: 4.69
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1059.012 - Hypervisor CLI

Stealth Falcon

Score: 3.62
Matched TTPs:
  • T1556.009 - Conditional Access Policies

Volt Typhoon

Score: 4.39
Matched TTPs:
  • T1537 - Transfer Data to Cloud Account
  • T1548.006 - TCC Manipulation

HAFNIUM

Score: 5.01
Matched TTPs:
  • T1548.006 - TCC Manipulation
  • T1490 - Inhibit System Recovery

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.75
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1087.002 - Domain Account
  • T1546.007 - Netsh Helper DLL
  • T1059.012 - Hypervisor CLI
  • T1548.006 - TCC Manipulation
  • T1598.003 - Spearphishing Link
  • T1200 - Hardware Additions
  • T1588.003 - Code Signing Certificates

Wizard Spider

Score: 0.75
Matched TTPs:
  • T1543.003 - Windows Service
  • T1556.009 - Conditional Access Policies
  • T1003.001 - LSASS Memory
  • T1176.001 - Browser Extensions
  • T1087.002 - Domain Account
  • T1548.006 - TCC Manipulation
  • T1526 - Cloud Service Discovery
  • T1598.003 - Spearphishing Link
  • T1597 - Search Closed Sources

Kimsuky

Score: 0.75
Matched TTPs:
  • T1490 - Inhibit System Recovery
  • T1543.003 - Windows Service
  • T1176.001 - Browser Extensions
  • T1087.002 - Domain Account
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1526 - Cloud Service Discovery
  • T1552.003 - Shell History
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account
  • T1597 - Search Closed Sources

Threat Group-3390

Score: 0.71
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1546.017 - Udev Rules
  • T1176.001 - Browser Extensions
  • T1218.010 - Regsvr32
  • T1087.002 - Domain Account
  • T1059.012 - Hypervisor CLI
  • T1526 - Cloud Service Discovery
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account

OilRig

Score: 0.65
Matched TTPs:
  • T1543.003 - Windows Service
  • T1592.002 - Software
  • T1176.001 - Browser Extensions
  • T1218.010 - Regsvr32
  • T1087.002 - Domain Account
  • T1526 - Cloud Service Discovery
  • T1598.003 - Spearphishing Link
  • T1556.009 - Conditional Access Policies

Dragonfly

Score: 0.65
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1578.002 - Create Cloud Instance
  • T1218.010 - Regsvr32
  • T1087.002 - Domain Account
  • T1059.012 - Hypervisor CLI
  • T1548.006 - TCC Manipulation
  • T1598.003 - Spearphishing Link
  • T1200 - Hardware Additions

FIN7

Score: 0.62
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1490 - Inhibit System Recovery
  • T1543.003 - Windows Service
  • T1176.001 - Browser Extensions
  • T1087.002 - Domain Account
  • T1011.001 - Exfiltration Over Bluetooth
  • T1598.003 - Spearphishing Link

APT29

Score: 0.62
Matched TTPs:
  • T1490 - Inhibit System Recovery
  • T1543.003 - Windows Service
  • T1218.010 - Regsvr32
  • T1087.002 - Domain Account
  • T1138 - Application Shimming
  • T1177 - LSASS Driver
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account

Turla

Score: 0.62
Matched TTPs:
  • T1490 - Inhibit System Recovery
  • T1543.003 - Windows Service
  • T1003.001 - LSASS Memory
  • T1059.012 - Hypervisor CLI
  • T1597 - Search Closed Sources
  • T1556.009 - Conditional Access Policies

APT38

Score: 0.62
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1087.002 - Domain Account
  • T1597 - Search Closed Sources
  • T1059.012 - Hypervisor CLI
  • T1138 - Application Shimming
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account
  • T1685.002 - Disable or Modify Cloud Log

Medusa Group

Score: 0.60
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1094 - Custom Command and Control Protocol
  • T1548.006 - TCC Manipulation
  • T1552.003 - Shell History
  • T1537 - Transfer Data to Cloud Account
  • T1597 - Search Closed Sources

APT41

Score: 0.58
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1176.001 - Browser Extensions
  • T1218.010 - Regsvr32
  • T1548.006 - TCC Manipulation
  • T1177 - LSASS Driver
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account

TA505

Score: 0.58
Matched TTPs:
  • T1543.003 - Windows Service
  • T1087.002 - Domain Account
  • T1597 - Search Closed Sources
  • T1138 - Application Shimming
  • T1598.003 - Spearphishing Link
  • T1537 - Transfer Data to Cloud Account
  • T1685.002 - Disable or Modify Cloud Log

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph (graph not reproduced in text)