Trusted Design

Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor

概要

Beginning in late September 2025, multiple affected hosts were observed making requests to domains impersonating content delivery networks (CDNs), including infrastructure masquerading as Yahoo- and Apple-affiliated services. Across these cases, Darktrace identified a consistent behavioral execution pattern: the retrieval of legitimate binaries alongside malicious Dynamic Link Libraries (DLLs), enabling sideloading and execution of a modular .NET-based Remote Access Trojan (RAT) framework.

Created: 2026-05-18

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 8.47
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1055.008 - Ptrace System Calls
MITREへのリンク →

menuPass

Score: 12.29
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1547.011 - Plist Modification
MITREへのリンク →

Wizard Spider

Score: 16.73
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1183 - Image File Execution Options Injection
  • T1588.001 - Malware
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources
  • T1556 - Modify Authentication Process
MITREへのリンク →

APT33

Score: 9.26
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1051 - Shared Webroot
  • T1562.001 - Disable or Modify Tools
  • T1556 - Modify Authentication Process
MITREへのリンク →

Fox Kitten

Score: 14.18
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1177 - LSASS Driver
  • T1055.013 - Process Doppelgänging
  • T1588.001 - Malware
  • T1051 - Shared Webroot
  • T1565 - Data Manipulation
MITREへのリンク →

Volt Typhoon

Score: 20.38
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1003.007 - Proc Filesystem
  • T1547.005 - Security Support Provider
  • T1083 - File and Directory Discovery
  • T1584.002 - DNS Server
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT1

Score: 7.92
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
MITREへのリンク →

Mustang Panda

Score: 25.26
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1055.013 - Process Doppelgänging
  • T1169 - Sudo
  • T1136.003 - Cloud Account
  • T1055.005 - Thread Local Storage
  • T1556 - Modify Authentication Process
MITREへのリンク →

Play

Score: 3.39
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1597 - Search Closed Sources
MITREへのリンク →

Chimera

Score: 6.95
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem
  • T1665 - Hide Infrastructure
MITREへのリンク →

Sea Turtle

Score: 3.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1098.007 - Additional Local or Domain Groups
MITREへのリンク →

APT39

Score: 9.02
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging
  • T1027.004 - Compile After Delivery
MITREへのリンク →

RedCurl

Score: 13.36
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016.002 - Wi-Fi Discovery
  • T1090 - Proxy
  • T1051 - Shared Webroot
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT5

Score: 4.19
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
MITREへのリンク →

Agrius

Score: 5.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1597 - Search Closed Sources
MITREへのリンク →

GALLIUM

Score: 6.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1547.011 - Plist Modification
MITREへのリンク →

APT41

Score: 13.41
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1177 - LSASS Driver
  • T1588.001 - Malware
  • T1564.003 - Hidden Window
MITREへのリンク →

MuddyWater

Score: 17.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1518.002 - Backup Software Discovery
  • T1547.011 - Plist Modification
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT28

Score: 22.35
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1098.007 - Additional Local or Domain Groups
  • T1131 - Authentication Package
  • T1547.011 - Plist Modification
  • T1585 - Establish Accounts
  • T1055.008 - Ptrace System Calls
  • T1546.007 - Netsh Helper DLL
MITREへのリンク →

Turla

Score: 19.88
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1099 - Timestomp
  • T1003.007 - Proc Filesystem
  • T1131 - Authentication Package
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
MITREへのリンク →

BRONZE BUTLER

Score: 8.25
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
MITREへのリンク →

UNC3886

Score: 14.30
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1009 - Binary Padding
  • T1021.006 - Windows Remote Management
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Kimsuky

Score: 37.43
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1213.006 - Databases
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1131 - Authentication Package
  • T1183 - Image File Execution Options Injection
  • T1588.001 - Malware
  • T1609 - Container Administration Command
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1565 - Data Manipulation
  • T1027.004 - Compile After Delivery
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT3

Score: 10.15
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1547.011 - Plist Modification
  • T1177 - LSASS Driver
  • T1051 - Shared Webroot
MITREへのリンク →

FIN8

Score: 7.09
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1556 - Modify Authentication Process
MITREへのリンク →

Ke3chang

Score: 16.87
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1003.007 - Proc Filesystem
  • T1055.013 - Process Doppelgänging
  • T1198 - SIP and Trust Provider Hijacking
  • T1090 - Proxy
MITREへのリンク →

Lotus Blossom

Score: 4.34
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
MITREへのリンク →

FIN13

Score: 18.61
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1584.008 - Network Devices
  • T1547.005 - Security Support Provider
  • T1588.001 - Malware
  • T1051 - Shared Webroot
  • T1134.001 - Token Impersonation/Theft
MITREへのリンク →

Earth Lusca

Score: 17.41
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1110.003 - Password Spraying
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Magic Hound

Score: 25.67
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1547.005 - Security Support Provider
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1565 - Data Manipulation
MITREへのリンク →

Aquatic Panda

Score: 8.01
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
MITREへのリンク →

INC Ransom

Score: 7.01
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources
MITREへのリンク →

Akira

Score: 7.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1137.005 - Outlook Rules
  • T1597 - Search Closed Sources
MITREへのリンク →

ToddyCat

Score: 6.77
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1009 - Binary Padding
  • T1665 - Hide Infrastructure
MITREへのリンク →

Scattered Spider

Score: 34.12
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
  • T1083 - File and Directory Discovery
  • T1051 - Shared Webroot
  • T1556.008 - Network Provider DLL
  • T1597 - Search Closed Sources
  • T1565 - Data Manipulation
  • T1564.003 - Hidden Window
MITREへのリンク →

FIN4

Score: 4.13
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
MITREへのリンク →

APT32

Score: 21.63
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1055.013 - Process Doppelgänging
  • T1588.001 - Malware
  • T1562.001 - Disable or Modify Tools
  • T1565 - Data Manipulation
  • T1556 - Modify Authentication Process
MITREへのリンク →

Saint Bear

Score: 6.11
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1055.013 - Process Doppelgänging
  • T1597 - Search Closed Sources
MITREへのリンク →

FIN6

Score: 10.95
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1055.013 - Process Doppelgänging
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1556 - Modify Authentication Process
MITREへのリンク →

Sidewinder

Score: 5.26
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1090 - Proxy
MITREへのリンク →

Winter Vivern

Score: 14.83
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1055.013 - Process Doppelgänging
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1218.001 - Compiled HTML File
MITREへのリンク →

Silence

Score: 7.12
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1547.011 - Plist Modification
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Contagious Interview

Score: 27.75
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1021.006 - Windows Remote Management
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1565 - Data Manipulation
  • T1027.004 - Compile After Delivery
  • T1556 - Modify Authentication Process
MITREへのリンク →

LazyScripter

Score: 3.49
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
MITREへのリンク →

TA505

Score: 15.28
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
MITREへのリンク →

FIN7

Score: 12.67
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging
  • T1588.001 - Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Cobalt Group

Score: 10.64
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1518.002 - Backup Software Discovery
  • T1598.004 - Spearphishing Voice
MITREへのリンク →

Higaisa

Score: 6.90
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1588.001 - Malware
  • T1665 - Hide Infrastructure
MITREへのリンク →

Indrik Spider

Score: 11.10
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1003.007 - Proc Filesystem
  • T1183 - Image File Execution Options Injection
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
MITREへのリンク →

Leafminer

Score: 9.03
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1101 - Security Support Provider
  • T1051 - Shared Webroot
MITREへのリンク →

Star Blizzard

Score: 14.49
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1609 - Container Administration Command
  • T1565 - Data Manipulation
MITREへのリンク →

HEXANE

Score: 11.82
Matched TTPs:
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1565 - Data Manipulation
MITREへのリンク →

APT29

Score: 22.09
Matched TTPs:
  • T1099 - Timestomp
  • T1584.008 - Network Devices
  • T1202 - Indirect Command Execution
  • T1547.011 - Plist Modification
  • T1177 - LSASS Driver
  • T1556.008 - Network Provider DLL
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Gamaredon Group

Score: 19.72
Matched TTPs:
  • T1099 - Timestomp
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1090 - Proxy
  • T1554 - Compromise Host Software Binary
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

TA2541

Score: 6.06
Matched TTPs:
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1597 - Search Closed Sources
MITREへのリンク →

Mustard Tempest

Score: 4.54
Matched TTPs:
  • T1682 - Query Public AI Services
MITREへのリンク →

Dragonfly

Score: 15.26
Matched TTPs:
  • T1584.008 - Network Devices
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging
  • T1531 - Account Access Removal
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Threat Group-3390

Score: 4.11
Matched TTPs:
  • T1584.008 - Network Devices
  • T1098.007 - Additional Local or Domain Groups
MITREへのリンク →

Ember Bear

Score: 9.31
Matched TTPs:
  • T1584.008 - Network Devices
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Storm-0501

Score: 6.23
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1588.001 - Malware
MITREへのリンク →

Sandworm Team

Score: 16.30
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1183 - Image File Execution Options Injection
  • T1562.001 - Disable or Modify Tools
  • T1565 - Data Manipulation
MITREへのリンク →

Leviathan

Score: 14.41
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1554 - Compromise Host Software Binary
  • T1565 - Data Manipulation
MITREへのリンク →

TeamTNT

Score: 17.38
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1665 - Hide Infrastructure
MITREへのリンク →

OilRig

Score: 13.99
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging
  • T1051 - Shared Webroot
  • T1556 - Modify Authentication Process
MITREへのリンク →

Storm-1811

Score: 6.06
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

APT42

Score: 3.80
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
MITREへのリンク →

ZIRCONIUM

Score: 5.95
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1588.001 - Malware
  • T1027.004 - Compile After Delivery
MITREへのリンク →

RedEcho

Score: 3.92
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Lazarus Group

Score: 27.23
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1547.011 - Plist Modification
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1565 - Data Manipulation
  • T1055.005 - Thread Local Storage
  • T1665 - Hide Infrastructure
  • T1556 - Modify Authentication Process
MITREへのリンク →

EXOTIC LILY

Score: 6.14
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1565 - Data Manipulation
MITREへのリンク →

Silent Librarian

Score: 7.24
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1609 - Container Administration Command
MITREへのリンク →

APT38

Score: 10.19
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1590 - Gather Victim Network Information
  • T1597 - Search Closed Sources
MITREへのリンク →

Moonstone Sleet

Score: 6.14
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1565 - Data Manipulation
MITREへのリンク →

BITTER

Score: 3.61
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1588.001 - Malware
MITREへのリンク →

CURIUM

Score: 9.77
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1218.001 - Compiled HTML File
  • T1565 - Data Manipulation
MITREへのリンク →

LAPSUS$

Score: 14.06
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
  • T1556.008 - Network Provider DLL
  • T1564.003 - Hidden Window
MITREへのリンク →

Carbanak

Score: 4.44
Matched TTPs:
  • T1009 - Binary Padding
  • T1588.001 - Malware
MITREへのリンク →

Salt Typhoon

Score: 8.93
Matched TTPs:
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying
  • T1556 - Modify Authentication Process
MITREへのリンク →

Rocke

Score: 8.88
Matched TTPs:
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Medusa Group

Score: 8.77
Matched TTPs:
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources
  • T1565 - Data Manipulation
MITREへのリンク →

Velvet Ant

Score: 6.54
Matched TTPs:
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

BlackByte

Score: 8.27
Matched TTPs:
  • T1009 - Binary Padding
  • T1134.001 - Token Impersonation/Theft
  • T1597 - Search Closed Sources
MITREへのリンク →

SilverTerrier

Score: 3.29
Matched TTPs:
  • T1131 - Authentication Package
MITREへのリンク →

FIN5

Score: 5.09
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging
MITREへのリンク →

Tonto Team

Score: 5.09
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Deep Panda

Score: 3.29
Matched TTPs:
  • T1177 - LSASS Driver
MITREへのリンク →

Axiom

Score: 3.29
Matched TTPs:
  • T1177 - LSASS Driver
MITREへのリンク →

APT37

Score: 4.68
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Tropic Trooper

Score: 10.25
Matched TTPs:
  • T1090 - Proxy
  • T1136.003 - Cloud Account
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT-C-36

Score: 4.49
Matched TTPs:
  • T1588.001 - Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

DarkVishnya

Score: 6.94
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1213.003 - Code Repositories
MITREへのリンク →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1531 - Account Access Removal
MITREへのリンク →

SideCopy

Score: 4.13
Matched TTPs:
  • T1584.002 - DNS Server
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1213.006 - Databases
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1588.001 - Malware
  • T1665 - Hide Infrastructure
  • T1597 - Search Closed Sources
  • T1546.013 - PowerShell Profile
  • T1131 - Authentication Package
  • T1027.004 - Compile After Delivery
  • T1051 - Shared Webroot
  • T1565 - Data Manipulation
  • T1003.007 - Proc Filesystem
  • T1560.001 - Archive via Utility
  • T1609 - Container Administration Command
MITREへのリンク →

Scattered Spider

Score: 0.64
Matched TTPs:
  • T1556.008 - Network Provider DLL
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1098.007 - Additional Local or Domain Groups
  • T1597 - Search Closed Sources
  • T1564.003 - Hidden Window
  • T1666 - Modify Cloud Resource Hierarchy
  • T1051 - Shared Webroot
  • T1565 - Data Manipulation
  • T1609 - Container Administration Command
  • T1083 - File and Directory Discovery
  • T1547.005 - Security Support Provider
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る