Trusted Design

A new Android RAT turning infected devices into potential residential proxy nodes

概要

Mirax is a newly identified Android Remote Access Trojan operating as Malware-as-a-Service, actively targeting European users, particularly in Spanish-speaking regions. Distributed through Meta advertisements and GitHub-hosted droppers, the malware has reached over 200,000 accounts. It employs sophisticated techniques including dynamically fetched HTML overlays, comprehensive keylogging, and remote device control capabilities. A distinctive feature is its integration of SOCKS5-based residential proxy functionality, transforming infected devices into proxy nodes that enable attackers to route traffic through legitimate residential IP addresses. This capability allows operators to bypass geolocation restrictions and evade fraud detection systems while conducting account takeovers and transaction fraud. The malware uses commercial-grade obfuscation through Golden Encryption and establishes persistence through Accessibility Service abuse.

Created: 2026-04-13

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

Magic Hound

Score: 30.31
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1573 - Encrypted Channel
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT39

Score: 7.90
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

APT38

Score: 21.67
Matched TTPs:
  • T1056.001 - Keylogging
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1036.003 - Rename Legitimate Utilities
  • T1565.002 - Transmitted Data Manipulation
  • T1204.001 - Malicious Link
MITREへのリンク →

Volt Typhoon

Score: 33.82
Matched TTPs:
  • T1056.001 - Keylogging
  • T1190 - Exploit Public-Facing Application
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1596.005 - Scan Databases
  • T1003.003 - NTDS
  • T1680 - Local Storage Discovery
MITREへのリンク →

Ajax Security Team

Score: 6.51
Matched TTPs:
  • T1056.001 - Keylogging
  • T1555.003 - Credentials from Web Browsers
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT28

Score: 26.78
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1068 - Exploitation for Privilege Escalation
  • T1137.002 - Office Test
  • T1003.003 - NTDS
  • T1204.001 - Malicious Link
MITREへのリンク →

Darkhotel

Score: 6.56
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1091 - Replication Through Removable Media
MITREへのリンク →

menuPass

Score: 16.49
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

APT5

Score: 11.58
Matched TTPs:
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
MITREへのリンク →

Tonto Team

Score: 4.03
Matched TTPs:
  • T1056.001 - Keylogging
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Threat Group-3390

Score: 14.94
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
MITREへのリンク →

Lazarus Group

Score: 36.61
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1010 - Application Window Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1591 - Gather Victim Org Information
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Group5

Score: 3.53
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
MITREへのリンク →

PLATINUM

Score: 4.03
Matched TTPs:
  • T1056.001 - Keylogging
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

FIN4

Score: 3.30
Matched TTPs:
  • T1056.001 - Keylogging
  • T1204.001 - Malicious Link
MITREへのリンク →

Sandworm Team

Score: 33.08
Matched TTPs:
  • T1056.001 - Keylogging
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1584.005 - Botnet
  • T1486 - Data Encrypted for Impact
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1204.001 - Malicious Link
MITREへのリンク →

Kimsuky

Score: 50.01
Matched TTPs:
  • T1056.001 - Keylogging
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1218.005 - Mshta
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1656 - Impersonation
  • T1111 - Multi-Factor Authentication Interception
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
  • T1588.005 - Exploits
MITREへのリンク →

OilRig

Score: 25.99
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1068 - Exploitation for Privilege Escalation
  • T1555.004 - Windows Credential Manager
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT42

Score: 16.75
Matched TTPs:
  • T1056.001 - Keylogging
  • T1608.001 - Upload Malware
  • T1070.008 - Clear Mailbox Data
  • T1555.003 - Credentials from Web Browsers
  • T1656 - Impersonation
  • T1111 - Multi-Factor Authentication Interception
MITREへのリンク →

HEXANE

Score: 26.14
Matched TTPs:
  • T1056.001 - Keylogging
  • T1583.002 - DNS Server
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1534 - Internal Spearphishing
  • T1018 - Remote System Discovery
MITREへのリンク →

APT32

Score: 23.25
Matched TTPs:
  • T1056.001 - Keylogging
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1068 - Exploitation for Privilege Escalation
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

APT3

Score: 11.91
Matched TTPs:
  • T1056.001 - Keylogging
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1049 - System Network Connections Discovery
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN13

Score: 19.23
Matched TTPs:
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1049 - System Network Connections Discovery
  • T1134.003 - Make and Impersonate Token
  • T1003.003 - NTDS
MITREへのリンク →

Ke3chang

Score: 22.09
Matched TTPs:
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1558.001 - Golden Ticket
  • T1049 - System Network Connections Discovery
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

APT41

Score: 38.06
Matched TTPs:
  • T1056.001 - Keylogging
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1484.001 - Group Policy Modification
  • T1546.008 - Accessibility Features
  • T1049 - System Network Connections Discovery
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1596.005 - Scan Databases
  • T1003.003 - NTDS
MITREへのリンク →

Inception

Score: 5.99
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555.003 - Credentials from Web Browsers
  • T1218.005 - Mshta
MITREへのリンク →

Dark Caracal

Score: 4.12
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Leviathan

Score: 10.71
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1534 - Internal Spearphishing
  • T1204.001 - Malicious Link
MITREへのリンク →

Sidewinder

Score: 11.37
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1204.001 - Malicious Link
MITREへのリンク →

Saint Bear

Score: 9.76
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1656 - Impersonation
  • T1204.001 - Malicious Link
MITREへのリンク →

APT33

Score: 7.10
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555.003 - Credentials from Web Browsers
  • T1068 - Exploitation for Privilege Escalation
  • T1204.001 - Malicious Link
MITREへのリンク →

BITTER

Score: 9.28
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1068 - Exploitation for Privilege Escalation
  • T1573 - Encrypted Channel
MITREへのリンク →

TA505

Score: 11.12
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

Higaisa

Score: 4.43
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1680 - Local Storage Discovery
MITREへのリンク →

Fox Kitten

Score: 10.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

TA2541

Score: 9.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
MITREへのリンク →

Malteiro

Score: 3.65
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555.003 - Credentials from Web Browsers
MITREへのリンク →

Storm-1811

Score: 9.49
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1486 - Data Encrypted for Impact
  • T1656 - Impersonation
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Blue Mockingbird

Score: 3.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Tropic Trooper

Score: 16.95
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1091 - Replication Through Removable Media
  • T1049 - System Network Connections Discovery
  • T1052.001 - Exfiltration over USB
  • T1573 - Encrypted Channel
  • T1680 - Local Storage Discovery
MITREへのリンク →

Contagious Interview

Score: 25.69
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1204.005 - Malicious Library
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1656 - Impersonation
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Whitefly

Score: 3.69
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Moses Staff

Score: 7.50
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
MITREへのリンク →

TeamTNT

Score: 17.99
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1680 - Local Storage Discovery
MITREへのリンク →

Putter Panda

Score: 3.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Moonstone Sleet

Score: 16.27
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

FIN6

Score: 19.13
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1213.006 - Databases
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

CopyKittens

Score: 3.15
Matched TTPs:
  • T1560.003 - Archive via Custom Method
MITREへのリンク →

Mustang Panda

Score: 33.37
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1052.001 - Exfiltration over USB
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1204.001 - Malicious Link
MITREへのリンク →

UNC3886

Score: 12.95
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Lotus Blossom

Score: 6.43
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1049 - System Network Connections Discovery
  • T1018 - Remote System Discovery
MITREへのリンク →

Mustard Tempest

Score: 7.87
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link
MITREへのリンク →

Daggerfly

Score: 7.24
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1036.003 - Rename Legitimate Utilities
  • T1204.001 - Malicious Link
MITREへのリンク →

GALLIUM

Score: 10.62
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
MITREへのリンク →

APT29

Score: 33.13
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1218.005 - Mshta
  • T1068 - Exploitation for Privilege Escalation
  • T1573 - Encrypted Channel
  • T1027.006 - HTML Smuggling
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 16.37
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1598.002 - Spearphishing Attachment
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Agrius

Score: 7.40
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
MITREへのリンク →

Wizard Spider

Score: 17.79
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1562.001 - Disable or Modify Tools
  • T1555.004 - Windows Credential Manager
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1204.001 - Malicious Link
MITREへのリンク →

Ember Bear

Score: 11.53
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
  • T1588.005 - Exploits
MITREへのリンク →

Sea Turtle

Score: 20.72
Matched TTPs:
  • T1583.002 - DNS Server
  • T1213.006 - Databases
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1608.003 - Install Digital Certificate
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Axiom

Score: 12.22
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1584.005 - Botnet
MITREへのリンク →

Indrik Spider

Score: 11.40
Matched TTPs:
  • T1587.001 - Malware
  • T1484.001 - Group Policy Modification
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

LuminousMoth

Score: 12.31
Matched TTPs:
  • T1587.001 - Malware
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1608.005 - Link Target
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 9.53
Matched TTPs:
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
MITREへのリンク →

Play

Score: 6.90
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
MITREへのリンク →

Aoqin Dragon

Score: 5.13
Matched TTPs:
  • T1587.001 - Malware
  • T1091 - Replication Through Removable Media
MITREへのリンク →

RedCurl

Score: 5.51
Matched TTPs:
  • T1587.001 - Malware
  • T1555.003 - Credentials from Web Browsers
  • T1204.001 - Malicious Link
MITREへのリンク →

Turla

Score: 21.49
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1068 - Exploitation for Privilege Escalation
  • T1555.004 - Windows Credential Manager
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN7

Score: 24.08
Matched TTPs:
  • T1587.001 - Malware
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

Medusa Group

Score: 20.91
Matched TTPs:
  • T1652 - Device Driver Discovery
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Scattered Spider

Score: 39.32
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1538 - Cloud Service Dashboard
  • T1003.003 - NTDS
MITREへのリンク →

Storm-0501

Score: 11.56
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1484.001 - Group Policy Modification
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Rocke

Score: 18.53
Matched TTPs:
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1055.002 - Portable Executable Injection
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1018 - Remote System Discovery
MITREへのリンク →

Silent Librarian

Score: 6.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
MITREへのリンク →

ZIRCONIUM

Score: 7.97
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1068 - Exploitation for Privilege Escalation
  • T1204.001 - Malicious Link
MITREへのリンク →

Star Blizzard

Score: 13.65
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

CURIUM

Score: 8.60
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Patchwork

Score: 8.70
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
MITREへのリンク →

HAFNIUM

Score: 14.91
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Gamaredon Group

Score: 21.59
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link
MITREへのリンク →

LAPSUS$

Score: 26.72
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1598.004 - Spearphishing Voice
  • T1068 - Exploitation for Privilege Escalation
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1111 - Multi-Factor Authentication Interception
  • T1003.003 - NTDS
MITREへのリンク →

TA577

Score: 4.03
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Earth Lusca

Score: 14.04
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1584.006 - Web Services
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

LazyScripter

Score: 5.67
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
MITREへのリンク →

SideCopy

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

BlackByte

Score: 21.54
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1491.001 - Internal Defacement
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

EXOTIC LILY

Score: 9.70
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

BackdoorDiplomacy

Score: 3.20
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
MITREへのリンク →

Cinnamon Tempest

Score: 5.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1484.001 - Group Policy Modification
MITREへのリンク →

ToddyCat

Score: 12.44
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1018 - Remote System Discovery
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Winter Vivern

Score: 6.45
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

INC Ransom

Score: 7.34
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

MuddyWater

Score: 18.51
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link
MITREへのリンク →

Akira

Score: 10.22
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

Cobalt Group

Score: 7.59
Matched TTPs:
  • T1218.003 - CMSTP
  • T1068 - Exploitation for Privilege Escalation
  • T1204.001 - Malicious Link
MITREへのリンク →

Velvet Ant

Score: 5.87
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Stealth Falcon

Score: 5.67
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1555.004 - Windows Credential Manager
MITREへのリンク →

Leafminer

Score: 8.13
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1055.013 - Process Doppelgänging
  • T1018 - Remote System Discovery
MITREへのリンク →

Molerats

Score: 3.41
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1204.001 - Malicious Link
MITREへのリンク →

Deep Panda

Score: 4.83
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery
MITREへのリンク →

Chimera

Score: 16.61
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1556.001 - Domain Controller Authentication
  • T1111 - Multi-Factor Authentication Interception
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1680 - Local Storage Discovery
MITREへのリンク →

Gorgon Group

Score: 5.93
Matched TTPs:
  • T1055.002 - Portable Executable Injection
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Confucius

Score: 6.53
Matched TTPs:
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
MITREへのリンク →

BRONZE BUTLER

Score: 3.34
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
MITREへのリンク →

FIN8

Score: 7.34
Matched TTPs:
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Windshift

Score: 3.88
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1593.001 - Social Media
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1586.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1190 - Exploit Public-Facing Application
  • T1204.001 - Malicious Link
  • T1562.004 - Disable or Modify System Firewall
  • T1680 - Local Storage Discovery
  • T1111 - Multi-Factor Authentication Interception
  • T1218.005 - Mshta
  • T1656 - Impersonation
  • T1598.003 - Spearphishing Link
  • T1056.001 - Keylogging
  • T1555.003 - Credentials from Web Browsers
  • T1560.003 - Archive via Custom Method
  • T1588.005 - Exploits
MITREへのリンク →

Scattered Spider

Score: 0.55
Matched TTPs:
  • T1018 - Remote System Discovery
  • T1656 - Impersonation
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1484.002 - Trust Modification
  • T1589 - Gather Victim Identity Information
  • T1213.003 - Code Repositories
  • T1538 - Cloud Service Dashboard
  • T1068 - Exploitation for Privilege Escalation
  • T1598.004 - Spearphishing Voice
  • T1003.003 - NTDS
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る