Trusted Design

Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

Summary

APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The group recently ran malicious campaigns that use nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails; the LNK files extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using the obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques, including sandbox detection, file disguise, and process masquerading, to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

Created: 2026-05-01

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

HAFNIUM

Score: 16.53
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1027.016 - Junk Code Insertion
  • T1590.006 - Network Security Appliances
  • T1039 - Data from Network Shared Drive
  • T1134 - Access Token Manipulation

menuPass

Score: 19.40
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1174 - Password Filter DLL
  • T1134 - Access Token Manipulation

Wizard Spider

Score: 28.84
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1038 - DLL Search Order Hijacking
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1556.009 - Conditional Access Policies
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control
  • T1556 - Modify Authentication Process

APT33

Score: 13.30
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1491.002 - External Defacement
  • T1027.016 - Junk Code Insertion
  • T1051 - Shared Webroot
  • T1039 - Data from Network Shared Drive
  • T1556 - Modify Authentication Process

Fox Kitten

Score: 22.08
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1491.002 - External Defacement
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1177 - LSASS Driver
  • T1045 - Software Packing
  • T1051 - Shared Webroot
  • T1097 - Pass the Ticket
  • T1656 - Impersonation
  • T1134 - Access Token Manipulation

CopyKittens

Score: 7.09
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016.001 - Internet Connection Discovery
  • T1045 - Software Packing

Volt Typhoon

Score: 37.97
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1176 - Software Extensions
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.005 - Security Support Provider
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1057 - Process Discovery
  • T1212 - Exploitation for Credential Access
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1134 - Access Token Manipulation
  • T1159 - Launch Agent

APT1

Score: 9.83
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1668 - Exclusive Control

Mustang Panda

Score: 45.43
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1037 - Boot or Logon Initialization Scripts
  • T1016.001 - Internet Connection Discovery
  • T1606.002 - SAML Tokens
  • T1566.002 - Spearphishing Link
  • T1058 - Service Registry Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1136.001 - Local Account
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1136.003 - Cloud Account
  • T1134 - Access Token Manipulation
  • T1159 - Launch Agent
  • T1556 - Modify Authentication Process

Play

Score: 14.43
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1123 - Audio Capture
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590.006 - Network Security Appliances
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1134 - Access Token Manipulation

Chimera

Score: 31.59
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1123 - Audio Capture
  • T1027.016 - Junk Code Insertion
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1212 - Exploitation for Credential Access
  • T1574 - Hijack Execution Flow
  • T1059.003 - Windows Command Shell
  • T1132.002 - Non-Standard Encoding
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control

Sea Turtle

Score: 25.32
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1037 - Boot or Logon Initialization Scripts
  • T1123 - Audio Capture
  • T1499.003 - Application Exhaustion Flood
  • T1063 - Security Software Discovery
  • T1497.001 - System Checks
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1059.013 - Container CLI/API

APT39

Score: 14.40
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1087.004 - Cloud Account
  • T1097 - Pass the Ticket
  • T1134 - Access Token Manipulation

RedCurl

Score: 6.21
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1606.002 - SAML Tokens
  • T1051 - Shared Webroot

APT5

Score: 14.94
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1584.008 - Network Devices
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1055.004 - Asynchronous Procedure Call

Agrius

Score: 20.19
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1027.016 - Junk Code Insertion
  • T1087.004 - Cloud Account
  • T1097 - Pass the Ticket
  • T1597 - Search Closed Sources
  • T1134 - Access Token Manipulation

GALLIUM

Score: 22.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1174 - Password Filter DLL
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control

APT41

Score: 50.12
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1041 - Exfiltration Over C2 Channel
  • T1097 - Pass the Ticket
  • T1208 - Kerberoasting
  • T1027 - Obfuscated Files or Information
  • T1030 - Data Transfer Size Limits
  • T1564.003 - Hidden Window
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control
  • T1037.001 - Logon Script (Windows)
  • T1055.015 - ListPlanting

MuddyWater

Score: 25.40
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1140 - Deobfuscate/Decode Files or Information
  • T1518.002 - Backup Software Discovery
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API
  • T1159 - Launch Agent

APT28

Score: 45.24
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1123 - Audio Capture
  • T1566.002 - Spearphishing Link
  • T1058 - Service Registry Permissions Weakness
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1027.016 - Junk Code Insertion
  • T1057 - Process Discovery
  • T1097 - Pass the Ticket
  • T1039 - Data from Network Shared Drive
  • T1197 - BITS Jobs
  • T1059.012 - Hypervisor CLI
  • T1668 - Exclusive Control
  • T1588.003 - Code Signing Certificates
  • T1566.003 - Spearphishing via Service

Turla

Score: 37.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1606.002 - SAML Tokens
  • T1063 - Security Software Discovery
  • T1176 - Software Extensions
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1212 - Exploitation for Credential Access
  • T1097 - Pass the Ticket
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1039 - Data from Network Shared Drive
  • T1556.009 - Conditional Access Policies
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation

Sowbug

Score: 3.53
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates

BRONZE BUTLER

Score: 15.48
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1558 - Steal or Forge Kerberos Tickets
  • T1592.004 - Client Configurations
  • T1597 - Search Closed Sources
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation
  • T1159 - Launch Agent

UNC3886

Score: 21.83
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016.001 - Internet Connection Discovery
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1055.015 - ListPlanting

Kimsuky

Score: 73.16
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1037 - Boot or Logon Initialization Scripts
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1016.001 - Internet Connection Discovery
  • T1606.002 - SAML Tokens
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1218.012 - Verclsid
  • T1552.003 - Shell History
  • T1087.004 - Cloud Account
  • T1057 - Process Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1055.014 - VDSO Hijacking
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1030 - Data Transfer Size Limits
  • T1197 - BITS Jobs
  • T1656 - Impersonation
  • T1132.002 - Non-Standard Encoding
  • T1668 - Exclusive Control
  • T1003.003 - NTDS

APT3

Score: 16.06
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1087.004 - Cloud Account
  • T1134 - Access Token Manipulation

FIN8

Score: 10.32
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1134 - Access Token Manipulation
  • T1556 - Modify Authentication Process

Ke3chang

Score: 22.19
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1134 - Access Token Manipulation

Lotus Blossom

Score: 13.34
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016.001 - Internet Connection Discovery
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1505 - Server Software Component
  • T1134 - Access Token Manipulation

FIN13

Score: 38.17
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1547.005 - Security Support Provider
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1552.003 - Shell History
  • T1134.001 - Token Impersonation/Theft
  • T1668 - Exclusive Control
  • T1686.001 - Cloud Firewall

Earth Lusca

Score: 19.85
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation

Magic Hound

Score: 41.86
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1566.002 - Spearphishing Link
  • T1036.009 - Break Process Trees
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.005 - Security Support Provider
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation
  • T1098.002 - Additional Email Delegate Permissions
  • T1547.008 - LSASS Driver

Aquatic Panda

Score: 6.14
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1597 - Search Closed Sources
  • T1668 - Exclusive Control

INC Ransom

Score: 14.90
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1036.009 - Break Process Trees
  • T1140 - Deobfuscate/Decode Files or Information
  • T1055.004 - Asynchronous Procedure Call
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information

Akira

Score: 16.27
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1123 - Audio Capture
  • T1137.005 - Outlook Rules
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1134 - Access Token Manipulation

ToddyCat

Score: 11.20
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1055.004 - Asynchronous Procedure Call
  • T1134 - Access Token Manipulation
  • T1547.008 - LSASS Driver

APT38

Score: 30.90
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1590 - Gather Victim Network Information
  • T1097 - Pass the Ticket
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1174 - Password Filter DLL
  • T1493 - Transmitted Data Manipulation
  • T1059.012 - Hypervisor CLI

Ajax Security Team

Score: 4.46
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1547.008 - LSASS Driver

Darkhotel

Score: 9.80
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1058 - Service Registry Permissions Weakness
  • T1590.006 - Network Security Appliances
  • T1059.012 - Hypervisor CLI

Tonto Team

Score: 8.95
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1555.003 - Credentials from Web Browsers
  • T1212 - Exploitation for Credential Access
  • T1039 - Data from Network Shared Drive

Threat Group-3390

Score: 21.87
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1039 - Data from Network Shared Drive
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation

Lazarus Group

Score: 42.51
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1016.001 - Internet Connection Discovery
  • T1606.002 - SAML Tokens
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1027.016 - Junk Code Insertion
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1057 - Process Discovery
  • T1597 - Search Closed Sources
  • T1174 - Password Filter DLL
  • T1059.012 - Hypervisor CLI
  • T1055.015 - ListPlanting
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

Group5

Score: 3.53
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement

PLATINUM

Score: 7.98
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1558 - Steal or Forge Kerberos Tickets
  • T1039 - Data from Network Shared Drive
  • T1059.012 - Hypervisor CLI

Sandworm Team

Score: 31.66
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1123 - Audio Capture
  • T1606.002 - SAML Tokens
  • T1063 - Security Software Discovery
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1045 - Software Packing
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1027 - Obfuscated Files or Information
  • T1134 - Access Token Manipulation

OilRig

Score: 45.79
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1123 - Audio Capture
  • T1606.002 - SAML Tokens
  • T1574.014 - AppDomainManager
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1212 - Exploitation for Credential Access
  • T1097 - Pass the Ticket
  • T1039 - Data from Network Shared Drive
  • T1556.009 - Conditional Access Policies
  • T1055.015 - ListPlanting
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

APT42

Score: 18.45
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1091 - Replication Through Removable Media
  • T1583.001 - Domains
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1030 - Data Transfer Size Limits
  • T1132.002 - Non-Standard Encoding

HEXANE

Score: 32.50
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1499.003 - Application Exhaustion Flood
  • T1091 - Replication Through Removable Media
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1027.016 - Junk Code Insertion
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1055.014 - VDSO Hijacking
  • T1212 - Exploitation for Credential Access
  • T1097 - Pass the Ticket
  • T1134 - Access Token Manipulation
  • T1159 - Launch Agent

APT32

Score: 43.13
Matched TTPs:
  • T1596.003 - Digital Certificates
  • T1491.002 - External Defacement
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1547.005 - Security Support Provider
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1592.004 - Client Configurations
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1039 - Data from Network Shared Drive
  • T1027.014 - Polymorphic Code
  • T1174 - Password Filter DLL
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control
  • T1556 - Modify Authentication Process

Contagious Interview

Score: 37.98
Matched TTPs:
  • T1044 - File System Permissions Weakness
  • T1491.002 - External Defacement
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1045 - Software Packing
  • T1552.003 - Shell History
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1030 - Data Transfer Size Limits
  • T1656 - Impersonation
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

Inception

Score: 9.43
Matched TTPs:
  • T1491.002 - External Defacement
  • T1218.012 - Verclsid
  • T1027.014 - Polymorphic Code
  • T1159 - Launch Agent

Dark Caracal

Score: 5.88
Matched TTPs:
  • T1491.002 - External Defacement
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver

Elderwood

Score: 3.36
Matched TTPs:
  • T1491.002 - External Defacement
  • T1059.012 - Hypervisor CLI

Transparent Tribe

Score: 3.36
Matched TTPs:
  • T1491.002 - External Defacement
  • T1059.012 - Hypervisor CLI

APT18

Score: 3.53
Matched TTPs:
  • T1491.002 - External Defacement
  • T1123 - Audio Capture

Leviathan

Score: 23.00
Matched TTPs:
  • T1491.002 - External Defacement
  • T1123 - Audio Capture
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1087.004 - Cloud Account
  • T1055.014 - VDSO Hijacking
  • T1027.014 - Polymorphic Code
  • T1488 - Disk Content Wipe
  • T1059.012 - Hypervisor CLI

Sidewinder

Score: 14.23
Matched TTPs:
  • T1491.002 - External Defacement
  • T1566.002 - Spearphishing Link
  • T1590.006 - Network Security Appliances
  • T1218.012 - Verclsid
  • T1657 - Financial Theft
  • T1159 - Launch Agent

Saint Bear

Score: 8.40
Matched TTPs:
  • T1491.002 - External Defacement
  • T1091 - Replication Through Removable Media
  • T1597 - Search Closed Sources
  • T1030 - Data Transfer Size Limits

BITTER

Score: 5.66
Matched TTPs:
  • T1491.002 - External Defacement
  • T1091 - Replication Through Removable Media
  • T1039 - Data from Network Shared Drive

TA505

Score: 10.23
Matched TTPs:
  • T1491.002 - External Defacement
  • T1091 - Replication Through Removable Media
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information

Higaisa

Score: 5.04
Matched TTPs:
  • T1491.002 - External Defacement
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account

APT19

Score: 7.58
Matched TTPs:
  • T1491.002 - External Defacement
  • T1590.006 - Network Security Appliances
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI

TA2541

Score: 7.70
Matched TTPs:
  • T1491.002 - External Defacement
  • T1091 - Replication Through Removable Media
  • T1218.012 - Verclsid
  • T1597 - Search Closed Sources

Malteiro

Score: 4.12
Matched TTPs:
  • T1491.002 - External Defacement
  • T1552.003 - Shell History

Storm-1811

Score: 11.68
Matched TTPs:
  • T1491.002 - External Defacement
  • T1558 - Steal or Forge Kerberos Tickets
  • T1027 - Obfuscated Files or Information
  • T1030 - Data Transfer Size Limits
  • T1547.008 - LSASS Driver

Blue Mockingbird

Score: 12.00
Matched TTPs:
  • T1491.002 - External Defacement
  • T1140 - Deobfuscate/Decode Files or Information
  • T1045 - Software Packing
  • T1027.014 - Polymorphic Code
  • T1505 - Server Software Component

Tropic Trooper

Score: 16.48
Matched TTPs:
  • T1491.002 - External Defacement
  • T1058 - Service Registry Permissions Weakness
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1136.003 - Cloud Account
  • T1159 - Launch Agent

Whitefly

Score: 3.69
Matched TTPs:
  • T1491.002 - External Defacement
  • T1039 - Data from Network Shared Drive

Moses Staff

Score: 10.74
Matched TTPs:
  • T1491.002 - External Defacement
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances

TeamTNT

Score: 31.25
Matched TTPs:
  • T1491.002 - External Defacement
  • T1123 - Audio Capture
  • T1606.002 - SAML Tokens
  • T1497.001 - System Checks
  • T1036.009 - Break Process Trees
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1009 - Binary Padding
  • T1071.003 - Mail Protocols
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources

Putter Panda

Score: 3.39
Matched TTPs:
  • T1491.002 - External Defacement
  • T1597 - Search Closed Sources

Moonstone Sleet

Score: 23.47
Matched TTPs:
  • T1491.002 - External Defacement
  • T1606.002 - SAML Tokens
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1057 - Process Discovery
  • T1027 - Obfuscated Files or Information
  • T1197 - BITS Jobs
  • T1547.008 - LSASS Driver

Ember Bear

Score: 31.40
Matched TTPs:
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1027.016 - Junk Code Insertion
  • T1051 - Shared Webroot
  • T1097 - Pass the Ticket
  • T1597 - Search Closed Sources
  • T1656 - Impersonation
  • T1134 - Access Token Manipulation
  • T1668 - Exclusive Control
  • T1003.003 - NTDS

Velvet Ant

Score: 15.38
Matched TTPs:
  • T1123 - Audio Capture
  • T1036.009 - Break Process Trees
  • T1009 - Binary Padding
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources
  • T1566.003 - Spearphishing via Service

Scattered Spider

Score: 57.03
Matched TTPs:
  • T1123 - Audio Capture
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1547.005 - Security Support Provider
  • T1019 - System Firmware
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1051 - Shared Webroot
  • T1552.003 - Shell History
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1030 - Data Transfer Size Limits
  • T1197 - BITS Jobs
  • T1564.003 - Hidden Window
  • T1498 - Network Denial of Service
  • T1134 - Access Token Manipulation
  • T1027.002 - Software Packing

LAPSUS$

Score: 23.93
Matched TTPs:
  • T1123 - Audio Capture
  • T1547.005 - Security Support Provider
  • T1019 - System Firmware
  • T1045 - Software Packing
  • T1039 - Data from Network Shared Drive
  • T1030 - Data Transfer Size Limits
  • T1564.003 - Hidden Window
  • T1132.002 - Non-Standard Encoding

APT29

Score: 44.85
Matched TTPs:
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1027.016 - Junk Code Insertion
  • T1177 - LSASS Driver
  • T1592.004 - Client Configurations
  • T1568 - Dynamic Resolution
  • T1036.004 - Masquerade Task or Service
  • T1218.012 - Verclsid
  • T1039 - Data from Network Shared Drive
  • T1223 - Compiled HTML File
  • T1555.004 - Windows Credential Manager
  • T1547.008 - LSASS Driver

FIN5

Score: 6.00
Matched TTPs:
  • T1123 - Audio Capture
  • T1097 - Pass the Ticket
  • T1134 - Access Token Manipulation

GOLD SOUTHFIELD

Score: 3.41
Matched TTPs:
  • T1123 - Audio Capture
  • T1140 - Deobfuscate/Decode Files or Information

Dragonfly

Score: 31.24
Matched TTPs:
  • T1123 - Audio Capture
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1657 - Financial Theft
  • T1041 - Exfiltration Over C2 Channel
  • T1097 - Pass the Ticket
  • T1531 - Account Access Removal
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation

FIN6

Score: 21.32
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1063 - Security Software Discovery
  • T1597 - Search Closed Sources
  • T1039 - Data from Network Shared Drive
  • T1505 - Server Software Component
  • T1134 - Access Token Manipulation
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

Mustard Tempest

Score: 8.28
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI

Daggerfly

Score: 7.64
Matched TTPs:
  • T1584.008 - Network Devices
  • T1174 - Password Filter DLL
  • T1059.012 - Hypervisor CLI

Axiom

Score: 10.37
Matched TTPs:
  • T1499.003 - Application Exhaustion Flood
  • T1140 - Deobfuscate/Decode Files or Information
  • T1177 - LSASS Driver
  • T1059.012 - Hypervisor CLI

Indrik Spider

Score: 16.43
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1183 - Image File Execution Options Injection
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1498 - Network Denial of Service
  • T1134 - Access Token Manipulation
Link to MITRE →

LuminousMoth

Score: 12.92
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1058 - Service Registry Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1584.005 - Botnet
  • T1087.004 - Cloud Account
Link to MITRE →

Salt Typhoon

Score: 16.12
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1497.001 - System Checks
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1498 - Network Denial of Service
  • T1556 - Modify Authentication Process
Link to MITRE →

Aoqin Dragon

Score: 7.32
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1058 - Service Registry Permissions Weakness
  • T1558 - Steal or Forge Kerberos Tickets
Link to MITRE →

FIN7

Score: 26.16
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1058 - Service Registry Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1218.012 - Verclsid
  • T1584.005 - Botnet
  • T1057 - Process Discovery
  • T1027 - Obfuscated Files or Information
  • T1055.015 - ListPlanting
Link to MITRE →

Storm-0501

Score: 15.74
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552.003 - Shell History
  • T1097 - Pass the Ticket
  • T1027 - Obfuscated Files or Information
  • T1027.014 - Polymorphic Code
Link to MITRE →

Rocke

Score: 17.83
Matched TTPs:
  • T1497.001 - System Checks
  • T1036.009 - Break Process Trees
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API
  • T1134 - Access Token Manipulation
Link to MITRE →

Silent Librarian

Score: 11.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1183 - Image File Execution Options Injection
  • T1027.016 - Junk Code Insertion
  • T1584.005 - Botnet
Link to MITRE →

ZIRCONIUM

Score: 13.62
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1558 - Steal or Forge Kerberos Tickets
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
  • T1039 - Data from Network Shared Drive
  • T1197 - BITS Jobs
Link to MITRE →

Star Blizzard

Score: 13.27
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1657 - Financial Theft
Link to MITRE →

CURIUM

Score: 16.39
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
Link to MITRE →

Patchwork

Score: 4.22
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
Link to MITRE →

Strider

Score: 8.26
Matched TTPs:
  • T1574.014 - AppDomainManager
  • T1130 - Install Root Certificate
Link to MITRE →

Gamaredon Group

Score: 20.70
Matched TTPs:
  • T1058 - Service Registry Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1045 - Software Packing
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1055.014 - VDSO Hijacking
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API
Link to MITRE →

LazyScripter

Score: 6.50
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.012 - Verclsid
Link to MITRE →

SideCopy

Score: 12.15
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1590.006 - Network Security Appliances
  • T1218.012 - Verclsid
  • T1657 - Financial Theft
  • T1159 - Launch Agent
Link to MITRE →

BlackByte

Score: 22.90
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1134.001 - Token Impersonation/Theft
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1134 - Access Token Manipulation
Link to MITRE →

EXOTIC LILY

Score: 6.78
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1183 - Image File Execution Options Injection
  • T1547.008 - LSASS Driver
Link to MITRE →

BackdoorDiplomacy

Score: 4.97
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
  • T1055.004 - Asynchronous Procedure Call
Link to MITRE →

Medusa Group

Score: 22.07
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1552.003 - Shell History
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1598 - Phishing for Information
  • T1134 - Access Token Manipulation
Link to MITRE →

Cinnamon Tempest

Score: 6.33
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1045 - Software Packing
  • T1552.003 - Shell History
Link to MITRE →

Winter Vivern

Score: 11.02
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1558 - Steal or Forge Kerberos Tickets
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
Link to MITRE →

Volatile Cedar

Score: 3.24
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1555.003 - Credentials from Web Browsers
Link to MITRE →

Windshift

Score: 9.22
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.012 - Hypervisor CLI
  • T1159 - Launch Agent
  • T1547.008 - LSASS Driver
Link to MITRE →

TA551

Score: 7.27
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.012 - Verclsid
  • T1027.014 - Polymorphic Code
Link to MITRE →

Cobalt Group

Score: 8.97
Matched TTPs:
  • T1518.002 - Backup Software Discovery
  • T1039 - Data from Network Shared Drive
  • T1027.014 - Polymorphic Code
Link to MITRE →

Deep Panda

Score: 9.34
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1177 - LSASS Driver
  • T1027.014 - Polymorphic Code
  • T1134 - Access Token Manipulation
Link to MITRE →

Leafminer

Score: 8.58
Matched TTPs:
  • T1027.016 - Junk Code Insertion
  • T1051 - Shared Webroot
  • T1059.012 - Hypervisor CLI
  • T1134 - Access Token Manipulation
Link to MITRE →

admin@338

Score: 6.36
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1212 - Exploitation for Credential Access
Link to MITRE →

Stealth Falcon

Score: 7.06
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
  • T1556.009 - Conditional Access Policies
Link to MITRE →

Naikon

Score: 3.01
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1134 - Access Token Manipulation
Link to MITRE →

MoustachedBouncer

Score: 4.44
Matched TTPs:
  • T1045 - Software Packing
  • T1039 - Data from Network Shared Drive
Link to MITRE →

Windigo

Score: 6.85
Matched TTPs:
  • T1045 - Software Packing
  • T1059.012 - Hypervisor CLI
  • T1159 - Launch Agent
Link to MITRE →

Andariel

Score: 3.50
Matched TTPs:
  • T1055.004 - Asynchronous Procedure Call
  • T1059.012 - Hypervisor CLI
Link to MITRE →

Confucius

Score: 4.31
Matched TTPs:
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
Link to MITRE →

Water Galura

Score: 4.86
Matched TTPs:
  • T1552.003 - Shell History
  • T1027 - Obfuscated Files or Information
Link to MITRE →

SilverTerrier

Score: 6.14
Matched TTPs:
  • T1552.003 - Shell History
  • T1041 - Exfiltration Over C2 Channel
Link to MITRE →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1531 - Account Access Removal
Link to MITRE →

APT17

Score: 3.44
Matched TTPs:
  • T1656 - Impersonation
Link to MITRE →

Equation

Score: 8.26
Matched TTPs:
  • T1130 - Install Root Certificate
  • T1037.001 - Logon Script (Windows)
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.004 - Cloud Account
  • T1009 - Binary Padding
  • T1197 - BITS Jobs
  • T1132.002 - Non-Standard Encoding
  • T1057 - Process Discovery
  • T1552.003 - Shell History
  • T1091 - Replication Through Removable Media
  • T1051 - Shared Webroot
  • T1656 - Impersonation
  • T1590.006 - Network Security Appliances
  • T1560.001 - Archive via Utility
  • T1030 - Data Transfer Size Limits
  • T1037 - Boot or Logon Initialization Scripts
  • T1597 - Search Closed Sources
  • T1016.001 - Internet Connection Discovery
  • T1027.014 - Polymorphic Code
  • T1555.003 - Credentials from Web Browsers
  • T1123 - Audio Capture
  • T1218.012 - Verclsid
  • T1566.002 - Spearphishing Link
  • T1668 - Exclusive Control
  • T1183 - Image File Execution Options Injection
  • T1003.003 - NTDS
  • T1596.003 - Digital Certificates
  • T1140 - Deobfuscate/Decode Files or Information
  • T1041 - Exfiltration Over C2 Channel
  • T1055.014 - VDSO Hijacking
Link to MITRE →

Related CVEs

No CVEs were found for this Pulse.
