Trusted Design

Copycat hits another npm package

概要

A Shai-Hulud copycat worm has infected the npm package chalk-tempalte, appearing just five days after the original worm was open-sourced by its creators. The same threat actor also published three additional malicious npm packages containing infostealer code: @deadcode09284814/axios-util, axois-utils, and color-style-utils. These packages collectively received 2,678 weekly downloads and contain various malicious capabilities including credential theft, cryptocurrency wallet exfiltration, cloud configuration harvesting, and DDoS botnet functionality. The malware exfiltrates stolen data to remote command-and-control servers and uploads credentials to GitHub repositories. Researchers indicate the attacker operates from a home computer or local server farm and appears financially motivated, targeting victims' cryptocurrency assets while potentially offering DDoS-as-a-service capabilities.

Created: 2026-05-19

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

Mustard Tempest

Score: 4.54
Matched TTPs:
  • T1682 - Query Public AI Services
MITREへのリンク →

GALLIUM

Score: 8.78
Matched TTPs:
  • T1584.008 - Network Devices
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
MITREへのリンク →

APT29

Score: 22.85
Matched TTPs:
  • T1584.008 - Network Devices
  • T1202 - Indirect Command Execution
  • T1547.011 - Plist Modification
  • T1177 - LSASS Driver
  • T1608.005 - Link Target
  • T1556.008 - Network Provider DLL
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

FIN13

Score: 11.12
Matched TTPs:
  • T1584.008 - Network Devices
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1134.001 - Token Impersonation/Theft
MITREへのリンク →

Dragonfly

Score: 18.50
Matched TTPs:
  • T1584.008 - Network Devices
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1654 - Log Enumeration
  • T1531 - Account Access Removal
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Ke3chang

Score: 21.47
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1003.007 - Proc Filesystem
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1198 - SIP and Trust Provider Hijacking
  • T1090 - Proxy
  • T1087.004 - Cloud Account
MITREへのリンク →

Agrius

Score: 6.36
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
MITREへのリンク →

APT41

Score: 28.38
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1048 - Exfiltration Over Alternative Protocol
  • T1208 - Kerberoasting
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1574.009 - Path Interception by Unquoted Path
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

menuPass

Score: 10.65
Matched TTPs:
  • T1584.008 - Network Devices
  • T1527 - Application Access Token
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
MITREへのリンク →

Threat Group-3390

Score: 13.13
Matched TTPs:
  • T1584.008 - Network Devices
  • T1218.003 - CMSTP
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
  • T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →

Wizard Spider

Score: 20.11
Matched TTPs:
  • T1584.008 - Network Devices
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1083 - File and Directory Discovery
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1556.009 - Conditional Access Policies
  • T1556 - Modify Authentication Process
MITREへのリンク →

Ember Bear

Score: 11.03
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
MITREへのリンク →

Chimera

Score: 12.00
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1587.003 - Digital Certificates
  • T1003.007 - Proc Filesystem
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
MITREへのリンク →

LazyScripter

Score: 4.76
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1608.005 - Link Target
MITREへのリンク →

Cobalt Group

Score: 11.52
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1598.004 - Spearphishing Voice
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
MITREへのリンク →

OilRig

Score: 27.85
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1566.001 - Spearphishing Attachment
  • T1003.007 - Proc Filesystem
  • T1117 - Regsvr32
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1048 - Exfiltration Over Alternative Protocol
  • T1218.010 - Regsvr32
  • T1556.009 - Conditional Access Policies
  • T1556 - Modify Authentication Process
MITREへのリンク →

APT39

Score: 15.99
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1566.001 - Spearphishing Attachment
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging
  • T1087.004 - Cloud Account
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Tropic Trooper

Score: 13.13
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1090 - Proxy
  • T1136.003 - Cloud Account
  • T1218.010 - Regsvr32
MITREへのリンク →

FIN7

Score: 11.84
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1055.013 - Process Doppelgänging
  • T1608.005 - Link Target
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

RedCurl

Score: 15.06
Matched TTPs:
  • T1587.003 - Digital Certificates
  • T1071.005 - Publish/Subscribe Protocols
  • T1016.002 - Wi-Fi Discovery
  • T1090 - Proxy
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Sea Turtle

Score: 4.78
Matched TTPs:
  • T1587.003 - Digital Certificates
  • T1218.010 - Regsvr32
MITREへのリンク →

APT1

Score: 9.56
Matched TTPs:
  • T1587.003 - Digital Certificates
  • T1003.007 - Proc Filesystem
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
MITREへのリンク →

Magic Hound

Score: 22.14
Matched TTPs:
  • T1587.003 - Digital Certificates
  • T1016.002 - Wi-Fi Discovery
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

Winter Vivern

Score: 14.51
Matched TTPs:
  • T1587.003 - Digital Certificates
  • T1055.013 - Process Doppelgänging
  • T1090 - Proxy
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
MITREへのリンク →

Medusa Group

Score: 18.58
Matched TTPs:
  • T1036.008 - Masquerade File Type
  • T1218.003 - CMSTP
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

Scattered Spider

Score: 28.58
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1609 - Container Administration Command
  • T1083 - File and Directory Discovery
  • T1087.004 - Cloud Account
  • T1556.008 - Network Provider DLL
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Storm-0501

Score: 13.06
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1686.003 - Windows Host Firewall
  • T1027 - Obfuscated Files or Information
  • T1027.014 - Polymorphic Code
MITREへのリンク →

Mustang Panda

Score: 29.65
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1169 - Sudo
  • T1136.003 - Cloud Account
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1556 - Modify Authentication Process
MITREへのリンク →

Darkhotel

Score: 5.49
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
MITREへのリンク →

Lazarus Group

Score: 25.58
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1183 - Image File Execution Options Injection
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1556 - Modify Authentication Process
MITREへのリンク →

ZIRCONIUM

Score: 10.32
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Volt Typhoon

Score: 25.18
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1686.003 - Windows Host Firewall
  • T1003.007 - Proc Filesystem
  • T1556.002 - Password Filter DLL
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1083 - File and Directory Discovery
  • T1584.002 - DNS Server
MITREへのリンク →

Stealth Falcon

Score: 11.93
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1087.004 - Cloud Account
  • T1556.009 - Conditional Access Policies
MITREへのリンク →

MuddyWater

Score: 19.98
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1547.011 - Plist Modification
  • T1117 - Regsvr32
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Contagious Interview

Score: 31.46
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1021.006 - Windows Remote Management
  • T1183 - Image File Execution Options Injection
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1030 - Data Transfer Size Limits
  • T1027.004 - Compile After Delivery
  • T1556 - Modify Authentication Process
MITREへのリンク →

Higaisa

Score: 7.46
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1590.006 - Network Security Appliances
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32
MITREへのリンク →

Inception

Score: 6.76
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
MITREへのリンク →

APT33

Score: 12.78
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1117 - Regsvr32
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1556 - Modify Authentication Process
MITREへのリンク →

APT28

Score: 15.50
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1131 - Authentication Package
  • T1547.011 - Plist Modification
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →

BRONZE BUTLER

Score: 10.68
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1003.007 - Proc Filesystem
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Sandworm Team

Score: 30.47
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1686.003 - Windows Host Firewall
  • T1016.002 - Wi-Fi Discovery
  • T1183 - Image File Execution Options Injection
  • T1546.008 - Accessibility Features
  • T1087.004 - Cloud Account
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1075 - Pass the Hash
MITREへのリンク →

Leviathan

Score: 16.76
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1183 - Image File Execution Options Injection
  • T1087.004 - Cloud Account
  • T1554 - Compromise Host Software Binary
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
MITREへのリンク →

Kimsuky

Score: 39.42
Matched TTPs:
  • T1213.006 - Databases
  • T1003.007 - Proc Filesystem
  • T1131 - Authentication Package
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1546.008 - Accessibility Features
  • T1609 - Container Administration Command
  • T1608.005 - Link Target
  • T1654 - Log Enumeration
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1030 - Data Transfer Size Limits
  • T1027.004 - Compile After Delivery
MITREへのリンク →

TA505

Score: 11.60
Matched TTPs:
  • T1527 - Application Access Token
  • T1016.002 - Wi-Fi Discovery
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

Gamaredon Group

Score: 19.44
Matched TTPs:
  • T1527 - Application Access Token
  • T1090 - Proxy
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1554 - Compromise Host Software Binary
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

APT38

Score: 25.04
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1503 - Credentials from Web Browsers
  • T1590 - Gather Victim Network Information
  • T1048 - Exfiltration Over Alternative Protocol
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1493 - Transmitted Data Manipulation
MITREへのリンク →

TeamTNT

Score: 9.63
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1110.003 - Password Spraying
  • T1590.006 - Network Security Appliances
  • T1597 - Search Closed Sources
MITREへのリンク →

Indrik Spider

Score: 8.95
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

Turla

Score: 20.67
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1131 - Authentication Package
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
  • T1556.009 - Conditional Access Policies
MITREへのリンク →

Aquatic Panda

Score: 4.32
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1597 - Search Closed Sources
MITREへのリンク →

Earth Lusca

Score: 15.81
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1110.003 - Password Spraying
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
MITREへのリンク →

admin@338

Score: 5.49
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
MITREへのリンク →

UNC3886

Score: 13.90
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1021.006 - Windows Remote Management
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Akira

Score: 8.68
Matched TTPs:
  • T1137.005 - Outlook Rules
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

LAPSUS$

Score: 13.25
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
  • T1556.008 - Network Provider DLL
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

HEXANE

Score: 6.69
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
MITREへのリンク →

APT32

Score: 23.39
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1562.001 - Disable or Modify Tools
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1556 - Modify Authentication Process
MITREへのリンク →

Star Blizzard

Score: 8.65
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1609 - Container Administration Command
MITREへのリンク →

SilverTerrier

Score: 3.29
Matched TTPs:
  • T1131 - Authentication Package
MITREへのリンク →

Moonstone Sleet

Score: 6.10
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

APT42

Score: 6.79
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

CURIUM

Score: 7.88
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
MITREへのリンク →

Silent Librarian

Score: 9.57
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1546.008 - Accessibility Features
  • T1609 - Container Administration Command
MITREへのリンク →

EXOTIC LILY

Score: 3.78
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1218.010 - Regsvr32
MITREへのリンク →

FIN5

Score: 5.09
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging
MITREへのリンク →

Tonto Team

Score: 6.58
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT3

Score: 10.97
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32
MITREへのリンク →

Silence

Score: 8.58
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1048 - Exfiltration Over Alternative Protocol
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Leafminer

Score: 8.16
Matched TTPs:
  • T1117 - Regsvr32
  • T1101 - Security Support Provider
MITREへのリンク →

Salt Typhoon

Score: 6.59
Matched TTPs:
  • T1110.003 - Password Spraying
  • T1556 - Modify Authentication Process
MITREへのリンク →

Play

Score: 6.71
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1597 - Search Closed Sources
  • T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →

BlackByte

Score: 11.71
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1134.001 - Token Impersonation/Theft
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

APT19

Score: 6.56
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1055.013 - Process Doppelgänging
  • T1027.014 - Polymorphic Code
MITREへのリンク →

SideCopy

Score: 5.60
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1584.002 - DNS Server
MITREへのリンク →

Sidewinder

Score: 6.25
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1090 - Proxy
  • T1218.010 - Regsvr32
MITREへのリンク →

HAFNIUM

Score: 3.48
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
MITREへのリンク →

Deep Panda

Score: 6.03
Matched TTPs:
  • T1177 - LSASS Driver
  • T1027.014 - Polymorphic Code
MITREへのリンク →

Axiom

Score: 4.78
Matched TTPs:
  • T1177 - LSASS Driver
  • T1218.010 - Regsvr32
MITREへのリンク →

Fox Kitten

Score: 5.63
Matched TTPs:
  • T1177 - LSASS Driver
  • T1055.013 - Process Doppelgänging
MITREへのリンク →

FIN6

Score: 6.88
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1597 - Search Closed Sources
  • T1556 - Modify Authentication Process
MITREへのリンク →

Saint Bear

Score: 10.68
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

APT37

Score: 6.17
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
MITREへのリンク →

INC Ransom

Score: 7.76
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

Confucius

Score: 5.48
Matched TTPs:
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32
MITREへのリンク →

TA2541

Score: 3.81
Matched TTPs:
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
MITREへのリンク →

LuminousMoth

Score: 5.41
Matched TTPs:
  • T1087.004 - Cloud Account
  • T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →

Dark Caracal

Score: 3.44
Matched TTPs:
  • T1048 - Exfiltration Over Alternative Protocol
MITREへのリンク →

Velvet Ant

Score: 4.20
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Rocke

Score: 6.54
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

WIRTE

Score: 5.14
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1027.014 - Polymorphic Code
MITREへのリンク →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1531 - Account Access Removal
MITREへのリンク →

Storm-1811

Score: 9.91
Matched TTPs:
  • T1027 - Obfuscated Files or Information
  • T1486 - Data Encrypted for Impact
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

FIN8

Score: 5.09
Matched TTPs:
  • T1027 - Obfuscated Files or Information
  • T1556 - Modify Authentication Process
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1654 - Log Enumeration
  • T1030 - Data Transfer Size Limits
  • T1213.006 - Databases
  • T1131 - Authentication Package
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
  • T1027.014 - Polymorphic Code
  • T1546.008 - Accessibility Features
  • T1608.005 - Link Target
  • T1003.007 - Proc Filesystem
  • T1087.004 - Cloud Account
  • T1590.006 - Network Security Appliances
  • T1609 - Container Administration Command
MITREへのリンク →

Contagious Interview

Score: 0.56
Matched TTPs:
  • T1183 - Image File Execution Options Injection
  • T1030 - Data Transfer Size Limits
  • T1071.005 - Publish/Subscribe Protocols
  • T1597 - Search Closed Sources
  • T1131 - Authentication Package
  • T1027.004 - Compile After Delivery
  • T1021.006 - Windows Remote Management
  • T1547.005 - Security Support Provider
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1562.001 - Disable or Modify Tools
  • T1556 - Modify Authentication Process
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る