Analysis of the Spear-Phishing and KakaoTalk-Linked Threat Campaign
概要
The Konni Group conducted a sophisticated multi-stage attack campaign, initiating with a spear-phishing email disguised as a North Korean human rights lecturer appointment. The attack progressed through execution of a malicious LNK file, installation of remote access malware, and long-term persistence for data theft. A key feature was the unauthorized access to victims' KakaoTalk PC applications, used to distribute additional malicious files to selected contacts. The campaign employed multiple RAT families, including EndRAT, RftRAT, and RemcosRAT, with a distributed C2 infrastructure across Finland, Japan, and the Netherlands. The threat actor's tactics included trust-based propagation, account session abuse, and modular payload deployment, highlighting the need for advanced behavior-based detection and multi-layered defense strategies.
Created: 2026-04-17
Indicators
類似Pulses
類似するPulseは見つかりませんでした。
このPulseに関連する脅威アクター (事実ベース)
Score: 9.75
Matched TTPs:
- T1560.001 - Archive via Utility
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 15.14
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 17.59
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1518.002 - Backup Software Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 6.90
Matched TTPs:
- T1560.001 - Archive via Utility
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 13.14
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 27.64
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1584.003 - Virtual Private Server
- T1190 - Exploit Public-Facing Application
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1587.004 - Exploits
- T1591.004 - Identify Roles
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 4.34
Matched TTPs:
- T1560.001 - Archive via Utility
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 21.83
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1052.001 - Exfiltration over USB
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 11.22
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 19.51
Matched TTPs:
- T1560.001 - Archive via Utility
- T1071.004 - DNS
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1110.004 - Credential Stuffing
- T1111 - Multi-Factor Authentication Interception
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 20.11
Matched TTPs:
- T1560.001 - Archive via Utility
- T1583.002 - DNS Server
- T1070.002 - Clear Linux or Mac System Logs
- T1190 - Exploit Public-Facing Application
- T1078 - Valid Accounts
- T1608.003 - Install Digital Certificate
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 13.37
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1071.004 - DNS
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 8.87
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 12.73
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 8.99
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 14.65
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 35.08
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1568.002 - Domain Generation Algorithms
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1595.003 - Wordlist Scanning
- T1213.003 - Code Repositories
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 16.01
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1562.001 - Disable or Modify Tools
- T1027.004 - Compile After Delivery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 25.30
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1598.003 - Spearphishing Link
- T1091 - Replication Through Removable Media
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1598 - Phishing for Information
- T1498 - Network Denial of Service
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 13.82
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1584.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.83
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 6.23
Matched TTPs:
- T1560.001 - Archive via Utility
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 20.00
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1205.001 - Port Knocking
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1587.004 - Exploits
MITREへのリンク →
Score: 40.46
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1534 - Internal Spearphishing
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1598 - Phishing for Information
- T1111 - Multi-Factor Authentication Interception
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 13.54
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 8.26
Matched TTPs:
- T1560.001 - Archive via Utility
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 20.54
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1587.001 - Malware
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 8.28
Matched TTPs:
- T1560.001 - Archive via Utility
- T1083 - File and Directory Discovery
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 23.32
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1134.003 - Make and Impersonate Token
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 10.28
Matched TTPs:
- T1560.001 - Archive via Utility
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1218.005 - Mshta
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 27.21
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1598.003 - Spearphishing Link
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1573 - Encrypted Channel
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 6.14
Matched TTPs:
- T1560.001 - Archive via Utility
- T1562.001 - Disable or Modify Tools
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 8.63
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
MITREへのリンク →
Score: 13.24
Matched TTPs:
- T1560.001 - Archive via Utility
- T1558 - Steal or Forge Kerberos Tickets
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 10.77
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1018 - Remote System Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 16.70
Matched TTPs:
- T1056.001 - Keylogging
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1036.003 - Rename Legitimate Utilities
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.46
Matched TTPs:
- T1056.001 - Keylogging
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 6.27
Matched TTPs:
- T1056.001 - Keylogging
- T1091 - Replication Through Removable Media
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 10.94
Matched TTPs:
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 22.89
Matched TTPs:
- T1056.001 - Keylogging
- T1587.001 - Malware
- T1010 - Application Window Discovery
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 4.72
Matched TTPs:
- T1056.001 - Keylogging
- T1078 - Valid Accounts
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 22.44
Matched TTPs:
- T1056.001 - Keylogging
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1499 - Endpoint Denial of Service
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 23.05
Matched TTPs:
- T1056.001 - Keylogging
- T1071.004 - DNS
- T1587.001 - Malware
- T1556.002 - Password Filter DLL
- T1608.001 - Upload Malware
- T1562.004 - Disable or Modify System Firewall
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 11.66
Matched TTPs:
- T1056.001 - Keylogging
- T1608.001 - Upload Malware
- T1070.008 - Clear Mailbox Data
- T1111 - Multi-Factor Authentication Interception
MITREへのリンク →
Score: 23.31
Matched TTPs:
- T1056.001 - Keylogging
- T1583.002 - DNS Server
- T1608.001 - Upload Malware
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1534 - Internal Spearphishing
- T1591.004 - Identify Roles
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 21.87
Matched TTPs:
- T1056.001 - Keylogging
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 6.47
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1218.005 - Mshta
MITREへのリンク →
Score: 7.87
Matched TTPs:
- T1583.008 - Malvertising
- T1608.001 - Upload Malware
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 7.24
Matched TTPs:
- T1003.002 - Security Account Manager
- T1036.003 - Rename Legitimate Utilities
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 34.33
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1649 - Steal or Forge Authentication Certificates
- T1098.005 - Device Registration
- T1218.005 - Mshta
- T1078 - Valid Accounts
- T1573 - Encrypted Channel
- T1027.006 - HTML Smuggling
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 16.75
Matched TTPs:
- T1003.002 - Security Account Manager
- T1598.003 - Spearphishing Link
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1598.002 - Spearphishing Attachment
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 15.42
Matched TTPs:
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1190 - Exploit Public-Facing Application
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 19.10
Matched TTPs:
- T1583.002 - DNS Server
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1078 - Valid Accounts
- T1553 - Subvert Trust Controls
- T1001.002 - Steganography
MITREへのリンク →
Score: 8.42
Matched TTPs:
- T1071.004 - DNS
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.11
Matched TTPs:
- T1071.004 - DNS
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 14.83
Matched TTPs:
- T1071.004 - DNS
- T1091 - Replication Through Removable Media
- T1083 - File and Directory Discovery
- T1052.001 - Exfiltration over USB
- T1573 - Encrypted Channel
MITREへのリンク →
Score: 5.47
Matched TTPs:
- T1071.004 - DNS
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
MITREへのリンク →
Score: 28.59
Matched TTPs:
- T1071.004 - DNS
- T1587.001 - Malware
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1218.005 - Mshta
- T1608.005 - Link Target
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1591.004 - Identify Roles
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 14.83
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1486 - Data Encrypted for Impact
- T1598 - Phishing for Information
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 11.72
Matched TTPs:
- T1587.001 - Malware
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 17.82
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 13.61
Matched TTPs:
- T1587.001 - Malware
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1083 - File and Directory Discovery
- T1608.005 - Link Target
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 14.07
Matched TTPs:
- T1587.001 - Malware
- T1070.002 - Clear Linux or Mac System Logs
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1562.004 - Disable or Modify System Firewall
MITREへのリンク →
Score: 6.43
Matched TTPs:
- T1587.001 - Malware
- T1091 - Replication Through Removable Media
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 5.91
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
MITREへのリンク →
Score: 20.19
Matched TTPs:
- T1587.001 - Malware
- T1070.002 - Clear Linux or Mac System Logs
- T1608.001 - Upload Malware
- T1562.004 - Disable or Modify System Firewall
- T1610 - Deploy Container
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
MITREへのリンク →
Score: 48.80
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1070.008 - Clear Mailbox Data
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1204 - User Execution
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1598 - Phishing for Information
- T1556.009 - Conditional Access Policies
- T1213.003 - Code Repositories
- T1018 - Remote System Discovery
- T1538 - Cloud Service Dashboard
MITREへのリンク →
Score: 12.08
Matched TTPs:
- T1484.002 - Trust Modification
- T1190 - Exploit Public-Facing Application
- T1486 - Data Encrypted for Impact
- T1556.009 - Conditional Access Policies
MITREへのリンク →
Score: 14.39
Matched TTPs:
- T1070.002 - Clear Linux or Mac System Logs
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1562.001 - Disable or Modify Tools
- T1027.004 - Compile After Delivery
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 11.08
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 7.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.005 - Link Target
- T1078 - Valid Accounts
MITREへのリンク →
Score: 7.26
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1598 - Phishing for Information
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 12.41
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1078 - Valid Accounts
MITREへのリンク →
Score: 4.98
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 5.12
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1083 - File and Directory Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 8.26
Matched TTPs:
- T1556.002 - Password Filter DLL
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 19.05
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1534 - Internal Spearphishing
- T1562.001 - Disable or Modify Tools
- T1027.004 - Compile After Delivery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 7.47
Matched TTPs:
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1562.001 - Disable or Modify Tools
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 7.94
Matched TTPs:
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
MITREへのリンク →
Score: 9.99
Matched TTPs:
- T1608.001 - Upload Malware
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 17.02
Matched TTPs:
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1134.003 - Make and Impersonate Token
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 5.59
Matched TTPs:
- T1608.001 - Upload Malware
- T1573 - Encrypted Channel
MITREへのリンク →
Score: 5.13
Matched TTPs:
- T1608.001 - Upload Malware
- T1562.001 - Disable or Modify Tools
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 9.70
Matched TTPs:
- T1608.001 - Upload Malware
- T1593.001 - Social Media
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 16.75
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1650 - Acquire Access
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 5.31
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1134 - Access Token Manipulation
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 11.72
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1534 - Internal Spearphishing
- T1078 - Valid Accounts
- T1587.004 - Exploits
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 5.60
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1595.003 - Wordlist Scanning
MITREへのリンク →
Score: 23.71
Matched TTPs:
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1204 - User Execution
- T1078 - Valid Accounts
- T1591.004 - Identify Roles
- T1213.003 - Code Repositories
- T1111 - Multi-Factor Authentication Interception
MITREへのリンク →
Score: 3.77
Matched TTPs:
- T1562.004 - Disable or Modify System Firewall
- T1078 - Valid Accounts
MITREへのリンク →
Score: 5.44
Matched TTPs:
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
MITREへのリンク →
Score: 9.90
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 4.83
Matched TTPs:
- T1546.008 - Accessibility Features
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 3.64
Matched TTPs:
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
MITREへのリンク →
Score: 3.82
Matched TTPs:
- T1083 - File and Directory Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 5.00
Matched TTPs:
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1205.001 - Port Knocking
MITREへのリンク →
Score: 11.13
Matched TTPs:
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 4.86
Matched TTPs:
- T1486 - Data Encrypted for Impact
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 3.88
Matched TTPs:
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.70
Matched TTPs:
- T1589 - Gather Victim Identity Information
- T1204 - User Execution
- T1484.002 - Trust Modification
- T1556.009 - Conditional Access Policies
- T1598.004 - Spearphishing Voice
- T1018 - Remote System Discovery
- T1070.008 - Clear Mailbox Data
- T1078 - Valid Accounts
- T1083 - File and Directory Discovery
- T1538 - Cloud Service Dashboard
- T1552.001 - Credentials In Files
- T1213.003 - Code Repositories
- T1486 - Data Encrypted for Impact
- T1598 - Phishing for Information
- T1598.003 - Spearphishing Link
- T1562.001 - Disable or Modify Tools
MITREへのリンク →
Score: 0.58
Matched TTPs:
- T1608.001 - Upload Malware
- T1056.001 - Keylogging
- T1593.001 - Social Media
- T1550.002 - Pass the Hash
- T1218.005 - Mshta
- T1587.001 - Malware
- T1598 - Phishing for Information
- T1083 - File and Directory Discovery
- T1562.004 - Disable or Modify System Firewall
- T1204.001 - Malicious Link
- T1552.001 - Credentials In Files
- T1111 - Multi-Factor Authentication Interception
- T1534 - Internal Spearphishing
- T1598.003 - Spearphishing Link
- T1562.001 - Disable or Modify Tools
- T1190 - Exploit Public-Facing Application
- T1560.001 - Archive via Utility
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design