REFUNDEE: Inside a Shadow Panel Phishing-as-a-Service Operation
概要
An open directory discovery at refundonex[.]com exposed a complete Phishing-as-a-Service and RAT-as-a-Service platform targeting Spanish and Portuguese-speaking victims. The investigation uncovered 3,788 files including weaponized LNK, VBS, and AES-encrypted PowerShell payloads delivering a remote access trojan. The platform, called Shadow Panel, operates from Bulgarian infrastructure and offers capabilities including remote shell execution, screenshot capture, file management, browser credential theft, clipboard hijacking for cryptocurrency wallets, and multi-operator support. The C2 panel's frontend JavaScript was publicly accessible, revealing 29 API endpoints and the complete architecture. Infrastructure analysis linked the operation to nikola4010@proton[.]me through WHOIS data and historical malicious domain associations dating back to 2021, indicating a long-running cybercriminal operation with minimal detection coverage.
Created: 2026-04-13
Indicators
類似Pulses
類似するPulseは見つかりませんでした。
このPulseに関連する脅威アクター (事実ベース)
Score: 13.61
Matched TTPs:
- T1560.001 - Archive via Utility
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1068 - Exploitation for Privilege Escalation
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 20.24
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 20.77
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1082 - System Information Discovery
- T1518.002 - Backup Software Discovery
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 10.59
Matched TTPs:
- T1560.001 - Archive via Utility
- T1027.013 - Encrypted/Encoded File
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 26.57
Matched TTPs:
- T1560.001 - Archive via Utility
- T1027.013 - Encrypted/Encoded File
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1585 - Establish Accounts
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 7.09
Matched TTPs:
- T1560.001 - Archive via Utility
- T1560.003 - Archive via Custom Method
- T1090 - Proxy
MITREへのリンク →
Score: 41.56
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1007 - System Service Discovery
- T1584.003 - Virtual Private Server
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1587.004 - Exploits
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1596.005 - Scan Databases
MITREへのリンク →
Score: 11.88
Matched TTPs:
- T1560.001 - Archive via Utility
- T1114.001 - Local Email Collection
- T1007 - System Service Discovery
- T1049 - System Network Connections Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 42.94
Matched TTPs:
- T1560.001 - Archive via Utility
- T1557 - Adversary-in-the-Middle
- T1560.003 - Archive via Custom Method
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1052.001 - Exfiltration over USB
- T1219.002 - Remote Desktop Software
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 12.43
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 28.05
Matched TTPs:
- T1560.001 - Archive via Utility
- T1114.001 - Local Email Collection
- T1007 - System Service Discovery
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1556.001 - Domain Controller Authentication
- T1111 - Multi-Factor Authentication Interception
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 21.77
Matched TTPs:
- T1560.001 - Archive via Utility
- T1557 - Adversary-in-the-Middle
- T1583.002 - DNS Server
- T1114.001 - Local Email Collection
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1078 - Valid Accounts
- T1608.003 - Install Digital Certificate
MITREへのリンク →
Score: 30.22
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1115 - Clipboard Data
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1056 - Input Capture
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 17.87
Matched TTPs:
- T1560.001 - Archive via Utility
- T1114.001 - Local Email Collection
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1573.002 - Asymmetric Cryptography
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 16.23
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
MITREへのリンク →
Score: 17.02
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1041 - Exfiltration Over C2 Channel
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 20.13
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1049 - System Network Connections Discovery
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 44.72
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1071.002 - File Transfer Protocols
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1595.003 - Wordlist Scanning
- T1656 - Impersonation
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1596.005 - Scan Databases
MITREへのリンク →
Score: 22.33
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1518 - Software Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 33.89
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1598.003 - Spearphishing Link
- T1091 - Replication Through Removable Media
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1189 - Drive-by Compromise
- T1498 - Network Denial of Service
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 31.63
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1584.003 - Virtual Private Server
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1584.006 - Web Services
- T1068 - Exploitation for Privilege Escalation
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 6.03
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 15.55
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1007 - System Service Discovery
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 21.11
Matched TTPs:
- T1560.001 - Archive via Utility
- T1560.003 - Archive via Custom Method
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1587.004 - Exploits
MITREへのリンク →
Score: 63.17
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1557 - Adversary-in-the-Middle
- T1056.001 - Keylogging
- T1560.003 - Archive via Custom Method
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1071.002 - File Transfer Protocols
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1656 - Impersonation
- T1585 - Establish Accounts
- T1219.002 - Remote Desktop Software
- T1111 - Multi-Factor Authentication Interception
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 18.45
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1082 - System Information Discovery
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1552.001 - Credentials In Files
- T1041 - Exfiltration Over C2 Channel
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 14.31
Matched TTPs:
- T1560.001 - Archive via Utility
- T1082 - System Information Discovery
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1573.002 - Asymmetric Cryptography
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 25.23
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1583.005 - Botnet
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 14.93
Matched TTPs:
- T1560.001 - Archive via Utility
- T1560.003 - Archive via Custom Method
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 29.79
Matched TTPs:
- T1560.001 - Archive via Utility
- T1056.001 - Keylogging
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1552.001 - Credentials In Files
- T1134.003 - Make and Impersonate Token
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 22.26
Matched TTPs:
- T1560.001 - Archive via Utility
- T1007 - System Service Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1090 - Proxy
- T1049 - System Network Connections Discovery
- T1218.005 - Mshta
- T1584.006 - Web Services
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 41.33
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1114.001 - Local Email Collection
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 9.87
Matched TTPs:
- T1560.001 - Archive via Utility
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1562.001 - Disable or Modify Tools
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 12.13
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1049 - System Network Connections Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 13.24
Matched TTPs:
- T1560.001 - Archive via Utility
- T1558 - Steal or Forge Kerberos Tickets
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 12.50
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1018 - Remote System Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 28.71
Matched TTPs:
- T1113 - Screen Capture
- T1003.002 - Security Account Manager
- T1598.003 - Spearphishing Link
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1598.002 - Spearphishing Attachment
- T1071.002 - File Transfer Protocols
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 19.61
Matched TTPs:
- T1113 - Screen Capture
- T1082 - System Information Discovery
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 44.39
Matched TTPs:
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1115 - Clipboard Data
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1556.002 - Password Filter DLL
- T1608.001 - Upload Malware
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1049 - System Network Connections Discovery
- T1552.001 - Credentials In Files
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1573.002 - Asymmetric Cryptography
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 6.72
Matched TTPs:
- T1113 - Screen Capture
- T1090 - Proxy
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 3.76
Matched TTPs:
- T1113 - Screen Capture
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 24.78
Matched TTPs:
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1070.008 - Clear Mailbox Data
- T1056 - Input Capture
- T1573.002 - Asymmetric Cryptography
- T1656 - Impersonation
- T1111 - Multi-Factor Authentication Interception
MITREへのリンク →
Score: 18.27
Matched TTPs:
- T1113 - Screen Capture
- T1114.001 - Local Email Collection
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1584.006 - Web Services
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 5.25
Matched TTPs:
- T1113 - Screen Capture
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 5.82
Matched TTPs:
- T1113 - Screen Capture
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
MITREへのリンク →
Score: 9.47
Matched TTPs:
- T1113 - Screen Capture
- T1027.013 - Encrypted/Encoded File
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 25.72
Matched TTPs:
- T1113 - Screen Capture
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1218.005 - Mshta
- T1608.005 - Link Target
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 29.54
Matched TTPs:
- T1056.001 - Keylogging
- T1115 - Clipboard Data
- T1082 - System Information Discovery
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1218.005 - Mshta
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1036.003 - Rename Legitimate Utilities
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.46
Matched TTPs:
- T1056.001 - Keylogging
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 10.83
Matched TTPs:
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1091 - Replication Through Removable Media
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 5.80
Matched TTPs:
- T1056.001 - Keylogging
- T1505.003 - Web Shell
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 21.66
Matched TTPs:
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1003.002 - Security Account Manager
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1049 - System Network Connections Discovery
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 32.23
Matched TTPs:
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1560.003 - Archive via Custom Method
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1189 - Drive-by Compromise
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 5.80
Matched TTPs:
- T1056.001 - Keylogging
- T1068 - Exploitation for Privilege Escalation
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 4.72
Matched TTPs:
- T1056.001 - Keylogging
- T1078 - Valid Accounts
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 31.46
Matched TTPs:
- T1056.001 - Keylogging
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1499 - Endpoint Denial of Service
- T1018 - Remote System Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 20.43
Matched TTPs:
- T1056.001 - Keylogging
- T1583.002 - DNS Server
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1049 - System Network Connections Discovery
- T1110 - Brute Force
- T1018 - Remote System Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 35.77
Matched TTPs:
- T1056.001 - Keylogging
- T1027.013 - Encrypted/Encoded File
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1068 - Exploitation for Privilege Escalation
- T1036.003 - Rename Legitimate Utilities
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 38.87
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1656 - Impersonation
- T1585 - Establish Accounts
- T1219.002 - Remote Desktop Software
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 9.19
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1518 - Software Discovery
MITREへのリンク →
Score: 4.72
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.72
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 5.52
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
MITREへのリンク →
Score: 15.20
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1587.004 - Exploits
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 16.63
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1518 - Software Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 9.76
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1608.001 - Upload Malware
- T1562.001 - Disable or Modify Tools
- T1656 - Impersonation
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 5.66
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1608.001 - Upload Malware
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 11.59
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1608.001 - Upload Malware
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.77
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1041 - Exfiltration Over C2 Channel
MITREへのリンク →
Score: 4.56
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 13.02
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 16.26
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1486 - Data Encrypted for Impact
- T1056 - Input Capture
- T1656 - Impersonation
- T1219.002 - Remote Desktop Software
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 10.45
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1090 - Proxy
- T1134 - Access Token Manipulation
MITREへのリンク →
Score: 22.02
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1082 - System Information Discovery
- T1091 - Replication Through Removable Media
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1052.001 - Exfiltration over USB
- T1573.002 - Asymmetric Cryptography
- T1046 - Network Service Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 3.69
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 10.47
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
MITREへのリンク →
Score: 20.85
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 3.39
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1562.001 - Disable or Modify Tools
MITREへのリンク →
Score: 14.19
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1486 - Data Encrypted for Impact
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 20.89
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1573.002 - Asymmetric Cryptography
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 10.21
Matched TTPs:
- T1003.002 - Security Account Manager
- T1082 - System Information Discovery
- T1036.003 - Rename Legitimate Utilities
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 34.57
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1649 - Steal or Forge Authentication Certificates
- T1098.005 - Device Registration
- T1218.005 - Mshta
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1027.006 - HTML Smuggling
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 22.16
Matched TTPs:
- T1003.002 - Security Account Manager
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1552.001 - Credentials In Files
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1585 - Establish Accounts
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 11.79
Matched TTPs:
- T1583.002 - DNS Server
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1078 - Valid Accounts
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 14.25
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 15.58
Matched TTPs:
- T1587.001 - Malware
- T1091 - Replication Through Removable Media
- T1608.001 - Upload Malware
- T1083 - File and Directory Discovery
- T1608.005 - Link Target
- T1041 - Exfiltration Over C2 Channel
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 10.44
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1562.004 - Disable or Modify System Firewall
MITREへのリンク →
Score: 6.43
Matched TTPs:
- T1587.001 - Malware
- T1091 - Replication Through Removable Media
- T1083 - File and Directory Discovery
MITREへのリンク →
Score: 50.96
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1070.008 - Clear Mailbox Data
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1204 - User Execution
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1656 - Impersonation
- T1219.002 - Remote Desktop Software
- T1018 - Remote System Discovery
- T1538 - Cloud Service Dashboard
MITREへのリンク →
Score: 14.60
Matched TTPs:
- T1484.002 - Trust Modification
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1110 - Brute Force
- T1486 - Data Encrypted for Impact
- T1219.002 - Remote Desktop Software
MITREへのリンク →
Score: 7.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.005 - Link Target
- T1078 - Valid Accounts
MITREへのリンク →
Score: 9.09
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1041 - Exfiltration Over C2 Channel
- T1068 - Exploitation for Privilege Escalation
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 12.41
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1078 - Valid Accounts
MITREへのリンク →
Score: 15.31
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1505.003 - Web Shell
- T1041 - Exfiltration Over C2 Channel
- T1584.006 - Web Services
- T1189 - Drive-by Compromise
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 8.09
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.26
Matched TTPs:
- T1007 - System Service Discovery
- T1049 - System Network Connections Discovery
MITREへのリンク →
Score: 6.76
Matched TTPs:
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
MITREへのリンク →
Score: 9.36
Matched TTPs:
- T1082 - System Information Discovery
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1518 - Software Discovery
MITREへのリンク →
Score: 25.83
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1134.003 - Make and Impersonate Token
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 10.12
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1562.001 - Disable or Modify Tools
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 11.89
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1518 - Software Discovery
MITREへのリンク →
Score: 6.30
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 9.60
Matched TTPs:
- T1082 - System Information Discovery
- T1189 - Drive-by Compromise
- T1518 - Software Discovery
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 24.24
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1573.002 - Asymmetric Cryptography
- T1650 - Acquire Access
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 3.18
Matched TTPs:
- T1082 - System Information Discovery
- T1041 - Exfiltration Over C2 Channel
MITREへのリンク →
Score: 8.26
Matched TTPs:
- T1556.002 - Password Filter DLL
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 5.67
Matched TTPs:
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 9.70
Matched TTPs:
- T1608.001 - Upload Malware
- T1593.001 - Social Media
- T1204.001 - Malicious Link
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 6.74
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1049 - System Network Connections Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 4.60
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 5.24
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1090 - Proxy
- T1078 - Valid Accounts
MITREへのリンク →
Score: 7.37
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1595.003 - Wordlist Scanning
MITREへのリンク →
Score: 23.71
Matched TTPs:
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1090 - Proxy
- T1204 - User Execution
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1656 - Impersonation
- T1111 - Multi-Factor Authentication Interception
MITREへのリンク →
Score: 3.77
Matched TTPs:
- T1562.004 - Disable or Modify System Firewall
- T1078 - Valid Accounts
MITREへのリンク →
Score: 9.92
Matched TTPs:
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1049 - System Network Connections Discovery
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
MITREへのリンク →
Score: 6.59
Matched TTPs:
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 13.43
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 3.77
Matched TTPs:
- T1090 - Proxy
- T1078 - Valid Accounts
MITREへのリンク →
Score: 8.67
Matched TTPs:
- T1542.002 - Component Firmware
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 6.97
Matched TTPs:
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1041 - Exfiltration Over C2 Channel
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 3.50
Matched TTPs:
- T1049 - System Network Connections Discovery
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 3.62
Matched TTPs:
- T1071.002 - File Transfer Protocols
MITREへのリンク →
Score: 4.29
Matched TTPs:
- T1110 - Brute Force
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 5.49
Matched TTPs:
- T1110 - Brute Force
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 3.19
Matched TTPs:
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 7.97
Matched TTPs:
- T1068 - Exploitation for Privilege Escalation
- T1573.002 - Asymmetric Cryptography
- T1046 - Network Service Discovery
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1585 - Establish Accounts
MITREへのリンク →
Score: 4.29
Matched TTPs:
- T1219.002 - Remote Desktop Software
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 4.69
Matched TTPs:
- T1219.002 - Remote Desktop Software
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 3.13
Matched TTPs:
- T1189 - Drive-by Compromise
- T1204.001 - Malicious Link
MITREへのリンク →
Score: 3.31
Matched TTPs:
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.70
Matched TTPs:
- T1587.001 - Malware
- T1585 - Establish Accounts
- T1007 - System Service Discovery
- T1056.001 - Keylogging
- T1082 - System Information Discovery
- T1071.002 - File Transfer Protocols
- T1505.003 - Web Shell
- T1041 - Exfiltration Over C2 Channel
- T1560.003 - Archive via Custom Method
- T1557 - Adversary-in-the-Middle
- T1598.003 - Spearphishing Link
- T1083 - File and Directory Discovery
- T1190 - Exploit Public-Facing Application
- T1219.002 - Remote Desktop Software
- T1111 - Multi-Factor Authentication Interception
- T1218.005 - Mshta
- T1550.002 - Pass the Hash
- T1562.001 - Disable or Modify Tools
- T1113 - Screen Capture
- T1593.001 - Social Media
- T1608.001 - Upload Malware
- T1560.001 - Archive via Utility
- T1204.001 - Malicious Link
- T1562.004 - Disable or Modify System Firewall
- T1656 - Impersonation
- T1552.001 - Credentials In Files
MITREへのリンク →
Score: 0.56
Matched TTPs:
- T1090 - Proxy
- T1204 - User Execution
- T1082 - System Information Discovery
- T1589 - Gather Victim Identity Information
- T1538 - Cloud Service Dashboard
- T1041 - Exfiltration Over C2 Channel
- T1598.003 - Spearphishing Link
- T1083 - File and Directory Discovery
- T1219.002 - Remote Desktop Software
- T1070.008 - Clear Mailbox Data
- T1018 - Remote System Discovery
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1484.002 - Trust Modification
- T1598.004 - Spearphishing Voice
- T1068 - Exploitation for Privilege Escalation
- T1656 - Impersonation
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design