Trusted Design

New backdoor targeting Ukrainian entities with possible links to Laundry Bear

Summary

A new campaign targeting Ukrainian entities has been identified, attributed to actors linked to Russia. The campaign uses judicial and charity-themed lures to deploy a JavaScript-based backdoor called DRILLAPP, which runs through the Edge browser. This backdoor enables various actions including file manipulation, microphone access, and webcam capture. Two variants of the campaign have been observed, with the second variant introducing additional capabilities. The attackers utilize the browser's capabilities to evade detection and gain access to sensitive resources. The campaign shares tactics with a previously reported Laundry Bear operation, leading to a low-confidence attribution to this group.

Created: 2026-04-16

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

HAFNIUM

Score: 8.45
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1018 - Remote System Discovery

menuPass

Score: 14.69
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery

Wizard Spider

Score: 21.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1055 - Process Injection
  • T1518.002 - Backup Software Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

APT33

Score: 9.80
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link

Fox Kitten

Score: 16.70
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1102 - Web Service
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

CopyKittens

Score: 4.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1090 - Proxy
  • T1588.002 - Tool

Volt Typhoon

Score: 19.58
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1010 - Application Window Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

APT1

Score: 7.42
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool

Mustang Panda

Score: 21.44
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1052.001 - Exfiltration over USB
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

Play

Score: 8.68
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Chimera

Score: 7.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Sea Turtle

Score: 17.34
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1608.003 - Install Digital Certificate
  • T1027.004 - Compile After Delivery

APT39

Score: 14.02
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1056 - Input Capture
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

RedCurl

Score: 10.05
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1555.003 - Credentials from Web Browsers
  • T1102 - Web Service
  • T1552.001 - Credentials In Files
  • T1204.001 - Malicious Link

APT5

Score: 13.89
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection

Agrius

Score: 8.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery

GALLIUM

Score: 12.76
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery

APT41

Score: 35.20
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1599 - Network Boundary Bridging
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery

MuddyWater

Score: 21.74
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link

APT28

Score: 18.96
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Turla

Score: 28.45
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

Sowbug

Score: 3.53
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging

BRONZE BUTLER

Score: 10.07
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery

UNC3886

Score: 11.08
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1588.001 - Malware
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts

Kimsuky

Score: 45.79
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1598.003 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1185 - Browser Session Hijacking
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link

APT3

Score: 14.29
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1552.001 - Credentials In Files
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

FIN8

Score: 11.63
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

Ke3chang

Score: 17.77
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Lotus Blossom

Score: 7.83
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.002 - Tool
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery

FIN13

Score: 15.10
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1552.001 - Credentials In Files
  • T1134.003 - Make and Impersonate Token
  • T1588.002 - Tool

Earth Lusca

Score: 23.84
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

Magic Hound

Score: 26.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1056.001 - Keylogging
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Aquatic Panda

Score: 9.22
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1007 - System Service Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools

INC Ransom

Score: 9.47
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Akira

Score: 13.24
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

ToddyCat

Score: 9.47
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service

APT38

Score: 20.47
Matched TTPs:
  • T1056.001 - Keylogging
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Ajax Security Team

Score: 6.51
Matched TTPs:
  • T1056.001 - Keylogging
  • T1555.003 - Credentials from Web Browsers
  • T1566.003 - Spearphishing via Service

Darkhotel

Score: 3.70
Matched TTPs:
  • T1056.001 - Keylogging
  • T1189 - Drive-by Compromise

Threat Group-3390

Score: 19.51
Matched TTPs:
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery

Lazarus Group

Score: 22.11
Matched TTPs:
  • T1056.001 - Keylogging
  • T1010 - Application Window Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

PLATINUM

Score: 6.16
Matched TTPs:
  • T1056.001 - Keylogging
  • T1055 - Process Injection
  • T1189 - Drive-by Compromise

FIN4

Score: 4.72
Matched TTPs:
  • T1056.001 - Keylogging
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link

Sandworm Team

Score: 27.21
Matched TTPs:
  • T1056.001 - Keylogging
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

OilRig

Score: 25.79
Matched TTPs:
  • T1056.001 - Keylogging
  • T1007 - System Service Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

APT42

Score: 13.18
Matched TTPs:
  • T1056.001 - Keylogging
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1056 - Input Capture

HEXANE

Score: 22.33
Matched TTPs:
  • T1056.001 - Keylogging
  • T1583.002 - DNS Server
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1018 - Remote System Discovery

APT32

Score: 25.52
Matched TTPs:
  • T1056.001 - Keylogging
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link

Contagious Interview

Score: 19.23
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 11.93
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1195.002 - Compromise Software Supply Chain
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

APT29

Score: 32.12
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1098.005 - Device Registration
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1027.006 - HTML Smuggling
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 24.03
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery

Ember Bear

Score: 12.38
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery

Axiom

Score: 11.79
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1189 - Drive-by Compromise

Scattered Spider

Score: 41.95
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1598 - Phishing for Information
  • T1556.009 - Conditional Access Policies
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1538 - Cloud Service Dashboard

Storm-0501

Score: 12.08
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact
  • T1556.009 - Conditional Access Policies

Sidewinder

Score: 9.78
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Silent Librarian

Score: 8.58
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 9.31
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link

Star Blizzard

Score: 12.99
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts

Moonstone Sleet

Score: 15.66
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 13.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 8.49
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Transparent Tribe

Score: 6.16
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

LuminousMoth

Score: 13.52
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1204.001 - Malicious Link

FIN7

Score: 23.91
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 8.13
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

TeamTNT

Score: 18.22
Matched TTPs:
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1610 - Deploy Container
  • T1102 - Web Service
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools

Indrik Spider

Score: 12.15
Matched TTPs:
  • T1007 - System Service Discovery
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

LAPSUS$

Score: 19.77
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1555.003 - Credentials from Web Browsers
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1213.003 - Code Repositories

IndigoZebra

Score: 3.52
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1588.002 - Tool

TA577

Score: 4.03
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link

Leviathan

Score: 12.31
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

TA2541

Score: 13.24
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link

LazyScripter

Score: 10.66
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link

Gamaredon Group

Score: 22.89
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link

SideCopy

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment

TA505

Score: 15.35
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1588.001 - Malware
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link

BlackByte

Score: 19.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

Saint Bear

Score: 5.13
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link

EXOTIC LILY

Score: 12.22
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Rocke

Score: 17.43
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1055.002 - Portable Executable Injection
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1018 - Remote System Discovery

BackdoorDiplomacy

Score: 4.78
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool

GOLD SOUTHFIELD

Score: 4.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1195.002 - Compromise Software Supply Chain

BlackTech

Score: 3.68
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1204.001 - Malicious Link

Medusa Group

Score: 16.30
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1018 - Remote System Discovery

Cinnamon Tempest

Score: 6.08
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts

Blue Mockingbird

Score: 8.50
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1134 - Access Token Manipulation

Winter Vivern

Score: 8.22
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Moses Staff

Score: 4.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool

Salt Typhoon

Score: 9.20
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool

Silence

Score: 6.27
Matched TTPs:
  • T1055 - Process Injection
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Cobalt Group

Score: 11.73
Matched TTPs:
  • T1055 - Process Injection
  • T1218.003 - CMSTP
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1204.001 - Malicious Link

APT37

Score: 6.28
Matched TTPs:
  • T1055 - Process Injection
  • T1555.003 - Credentials from Web Browsers
  • T1189 - Drive-by Compromise

Velvet Ant

Score: 6.60
Matched TTPs:
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools

Carbanak

Score: 4.61
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool
  • T1078 - Valid Accounts

Stealth Falcon

Score: 5.67
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1555.004 - Windows Credential Manager

Leafminer

Score: 8.73
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery

Molerats

Score: 3.41
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1204.001 - Malicious Link

Inception

Score: 7.77
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1588.002 - Tool

FIN6

Score: 16.56
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service

Deep Panda

Score: 4.83
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery

Windigo

Score: 4.11
Matched TTPs:
  • T1090 - Proxy
  • T1189 - Drive-by Compromise

POLONIUM

Score: 4.61
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

Andariel

Score: 4.22
Matched TTPs:
  • T1588.001 - Malware
  • T1189 - Drive-by Compromise

Equation

Score: 8.67
Matched TTPs:
  • T1542.002 - Component Firmware
  • T1564.005 - Hidden File System

Gorgon Group

Score: 6.78
Matched TTPs:
  • T1055.002 - Portable Executable Injection
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools

Confucius

Score: 3.70
Matched TTPs:
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link

Storm-1811

Score: 9.56
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1056 - Input Capture
  • T1566.003 - Spearphishing via Service

FIN5

Score: 3.82
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Tropic Trooper

Score: 4.13
Matched TTPs:
  • T1052.001 - Exfiltration over USB

Windshift

Score: 5.65
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Elderwood

Score: 3.13
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Machete

Score: 3.13
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1560.001 - Archive via Utility
  • T1185 - Browser Session Hijacking
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1608.001 - Upload Malware
  • T1598.003 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1218.005 - Mshta
  • T1555.003 - Credentials from Web Browsers
  • T1055 - Process Injection
  • T1586.002 - Email Accounts
  • T1593.001 - Social Media
  • T1534 - Internal Spearphishing
  • T1007 - System Service Discovery
  • T1598 - Phishing for Information
  • T1056.001 - Keylogging
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool

Scattered Spider

Score: 0.64
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1556.009 - Conditional Access Policies
  • T1484.002 - Trust Modification
  • T1538 - Cloud Service Dashboard
  • T1018 - Remote System Discovery
  • T1090 - Proxy
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1598 - Phishing for Information
  • T1598.003 - Spearphishing Link
  • T1213.003 - Code Repositories
  • T1552.001 - Credentials In Files
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph
