Trusted Design

Popular Go Decimal Library Targeted by Long-Running Typosquat with DNS Backdoor

Summary

A long-running typosquatting campaign impersonated the widely used shopspring/decimal Go library by publishing github.com/shopsprint/decimal, differing by a single character. Active since November 2017, the package remained benign through seven releases until being weaponized in August 2023 with version v1.3.3. This version introduced a malicious init() function that executes automatically on import, establishing a DNS TXT record-based command and control channel to dnslog-cdn-images.freemyip.com. The backdoor polls every five minutes and executes arbitrary commands returned via TXT records. Although the GitHub repository and owner account have been deleted, the malicious module remains permanently cached and accessible through Go's module proxy system, continuing to pose a supply chain risk to developers who mistype the package name.
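A defender-side check for the single-character substitution described above, as an added example that is not from the original report or from either Go project: it scans a manifest for any module path within one edit of an approved path. The `approved` allowlist, the sample `go.mod` and all function names are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample go.mod; v1.3.3 is the weaponized release named above.
const sampleGoMod = `module example.com/billing

require (
	github.com/google/uuid v1.6.0 // indirect
	github.com/shopsprint/decimal v1.3.3
)

require github.com/shopspring/decimal v1.3.1
`

// approved is a hypothetical allowlist of module paths the team intends to use.
var approved = []string{"github.com/shopspring/decimal", "github.com/google/uuid"}

// Finding pairs a suspicious module path with the approved path it imitates.
type Finding struct{ Module, LooksLike string }

// nearMiss reports whether a and b differ by one inserted, deleted or
// substituted byte, or by one swap of adjacent bytes (paths are ASCII).
func nearMiss(a, b string) bool {
	if len(a) > len(b) {
		a, b = b, a
	}
	if a == b || len(b)-len(a) > 1 {
		return false
	}
	i := 0
	for i < len(a) && a[i] == b[i] {
		i++
	}
	if len(a) < len(b) {
		return a[i:] == b[i+1:] // b carries one extra byte
	}
	swapped := i+1 < len(a) && a[i] == b[i+1] && a[i+1] == b[i] && a[i+2:] == b[i+2:]
	return a[i+1:] == b[i+1:] || swapped
}

// findLookalikes checks every whitespace-separated token outside comments, so
// require, replace and exclude lines are all covered, and flags tokens that
// are a near miss of an approved path. Exact matches are never flagged.
func findLookalikes(manifest string, allow []string) (out []Finding) {
	for _, line := range strings.Split(manifest, "\n") {
		for _, tok := range strings.Fields(strings.SplitN(line, "//", 2)[0]) {
			for _, good := range allow {
				if nearMiss(tok, good) {
					out = append(out, Finding{tok, good})
				}
			}
		}
	}
	return out
}

func main() {
	for _, f := range findLookalikes(sampleGoMod, approved) {
		fmt.Printf("SUSPECT %s (looks like %s)\n", f.Module, f.LooksLike)
	}
}
```

Because the module stays available through Go's module proxy after the repository was deleted, the check has to run on the manifest itself; the same token scan also works on `go.sum` content.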

Created: 2026-05-21

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

HAFNIUM

Score: 11.14
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1055.008 - Ptrace System Calls
  • T1490 - Inhibit System Recovery

menuPass

Score: 15.04
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1547.011 - Plist Modification
  • T1059.001 - PowerShell

Wizard Spider

Score: 23.66
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1543.003 - Windows Service
  • T1183 - Image File Execution Options Injection
  • T1083 - File and Directory Discovery
  • T1567.001 - Exfiltration to Code Repository
  • T1059.001 - PowerShell
  • T1597 - Search Closed Sources
  • T1001.003 - Protocol or Service Impersonation

APT33

Score: 9.70
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1567.001 - Exfiltration to Code Repository

Fox Kitten

Score: 13.41
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1177 - LSASS Driver
  • T1055.013 - Process Doppelgänging
  • T1059.001 - PowerShell
  • T1656 - Impersonation

Volt Typhoon

Score: 28.05
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1071.005 - Publish/Subscribe Protocols
  • T1686.003 - Windows Host Firewall
  • T1003.007 - Proc Filesystem
  • T1556.002 - Password Filter DLL
  • T1547.005 - Security Support Provider
  • T1083 - File and Directory Discovery
  • T1584.002 - DNS Server

APT1

Score: 9.37
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1543.003 - Windows Service
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection

Mustang Panda

Score: 26.48
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1055.013 - Process Doppelgänging
  • T1169 - Sudo
  • T1136.003 - Cloud Account
  • T1055.005 - Thread Local Storage

Play

Score: 9.50
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1597 - Search Closed Sources
  • T1574.009 - Path Interception by Unquoted Path
  • T1490 - Inhibit System Recovery

Chimera

Score: 4.12
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem

Sea Turtle

Score: 5.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1098.007 - Additional Local or Domain Groups
  • T1490 - Inhibit System Recovery

APT39

Score: 13.91
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1543.003 - Windows Service
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging
  • T1001.003 - Protocol or Service Impersonation
  • T1027.004 - Compile After Delivery

RedCurl

Score: 14.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1016.002 - Wi-Fi Discovery
  • T1090 - Proxy
  • T1027.004 - Compile After Delivery

APT5

Score: 8.03
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1180 - Screensaver

Agrius

Score: 5.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1597 - Search Closed Sources

GALLIUM

Score: 6.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1547.011 - Plist Modification

APT41

Score: 18.19
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1071.004 - DNS
  • T1177 - LSASS Driver
  • T1574.009 - Path Interception by Unquoted Path
  • T1001.003 - Protocol or Service Impersonation

MuddyWater

Score: 21.01
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1547.012 - Print Processors
  • T1547.011 - Plist Modification
  • T1059.001 - PowerShell
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery

APT28

Score: 36.96
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.004 - DNS
  • T1071.005 - Publish/Subscribe Protocols
  • T1098.007 - Additional Local or Domain Groups
  • T1131 - Authentication Package
  • T1547.011 - Plist Modification
  • T1059.001 - PowerShell
  • T1574.009 - Path Interception by Unquoted Path
  • T1197 - BITS Jobs
  • T1585 - Establish Accounts
  • T1200 - Hardware Additions
  • T1055.008 - Ptrace System Calls

Turla

Score: 20.37
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1003.007 - Proc Filesystem
  • T1131 - Authentication Package
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
  • T1490 - Inhibit System Recovery

BRONZE BUTLER

Score: 10.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.005 - Publish/Subscribe Protocols
  • T1003.007 - Proc Filesystem
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery

UNC3886

Score: 16.34
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1556.002 - Password Filter DLL
  • T1009 - Binary Padding
  • T1021.006 - Windows Remote Management
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery

Kimsuky

Score: 49.35
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1213.006 - Databases
  • T1543.003 - Windows Service
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1131 - Authentication Package
  • T1183 - Image File Execution Options Injection
  • T1546.008 - Accessibility Features
  • T1609 - Container Administration Command
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1027.004 - Compile After Delivery
  • T1197 - BITS Jobs
  • T1656 - Impersonation
  • T1003.003 - NTDS
  • T1490 - Inhibit System Recovery

APT3

Score: 9.07
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1543.003 - Windows Service
  • T1547.011 - Plist Modification
  • T1177 - LSASS Driver

FIN8

Score: 5.79
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1543.003 - Windows Service

Ke3chang

Score: 16.87
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1003.007 - Proc Filesystem
  • T1055.013 - Process Doppelgänging
  • T1198 - SIP and Trust Provider Hijacking
  • T1090 - Proxy

Lotus Blossom

Score: 4.34
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp

FIN13

Score: 13.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1584.008 - Network Devices
  • T1547.005 - Security Support Provider
  • T1134.001 - Token Impersonation/Theft

Earth Lusca

Score: 17.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1110.003 - Password Spraying
  • T1059.001 - PowerShell
  • T1027.004 - Compile After Delivery

Magic Hound

Score: 20.28
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1547.005 - Security Support Provider
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources

Aquatic Panda

Score: 5.91
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.007 - Proc Filesystem
  • T1597 - Search Closed Sources

INC Ransom

Score: 7.01
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources

Akira

Score: 7.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1137.005 - Outlook Rules
  • T1597 - Search Closed Sources

ToddyCat

Score: 3.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1009 - Binary Padding

Contagious Interview

Score: 34.61
Matched TTPs:
  • T1044 - File System Permissions Weakness
  • T1546.013 - PowerShell Profile
  • T1071.005 - Publish/Subscribe Protocols
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1021.006 - Windows Remote Management
  • T1183 - Image File Execution Options Injection
  • T1064 - Scripting
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery
  • T1656 - Impersonation

Scattered Spider

Score: 28.85
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
  • T1083 - File and Directory Discovery
  • T1556.008 - Network Provider DLL
  • T1597 - Search Closed Sources
  • T1197 - BITS Jobs
  • T1557.002 - ARP Cache Poisoning

FIN4

Score: 5.58
Matched TTPs:
  • T1666 - Modify Cloud Resource Hierarchy
  • T1543.003 - Windows Service

APT32

Score: 18.90
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1055.013 - Process Doppelgänging
  • T1027.014 - Polymorphic Code
  • T1490 - Inhibit System Recovery

Saint Bear

Score: 9.96
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1055.013 - Process Doppelgänging
  • T1064 - Scripting
  • T1597 - Search Closed Sources

FIN6

Score: 6.11
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1055.013 - Process Doppelgänging
  • T1597 - Search Closed Sources

Sidewinder

Score: 6.71
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1090 - Proxy

TA577

Score: 3.42
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service

Winter Vivern

Score: 9.12
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1055.013 - Process Doppelgänging
  • T1090 - Proxy

Silence

Score: 4.72
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1547.011 - Plist Modification

LazyScripter

Score: 4.94
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups

TA505

Score: 14.20
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1527 - Application Access Token
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1597 - Search Closed Sources

FIN7

Score: 15.03
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging
  • T1059.001 - PowerShell
  • T1490 - Inhibit System Recovery

Cobalt Group

Score: 10.70
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service
  • T1598.004 - Spearphishing Voice
  • T1027.014 - Polymorphic Code

Higaisa

Score: 4.50
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1071.005 - Publish/Subscribe Protocols

Indrik Spider

Score: 8.58
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1003.007 - Proc Filesystem
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources

Molerats

Score: 3.42
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service

Evilnum

Score: 3.42
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1543.003 - Windows Service

Star Blizzard

Score: 12.15
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1609 - Container Administration Command

HEXANE

Score: 9.48
Matched TTPs:
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection

APT29

Score: 29.49
Matched TTPs:
  • T1099 - Timestomp
  • T1584.008 - Network Devices
  • T1543.003 - Windows Service
  • T1202 - Indirect Command Execution
  • T1547.011 - Plist Modification
  • T1177 - LSASS Driver
  • T1036.002 - Right-to-Left Override
  • T1556.008 - Network Provider DLL
  • T1027.004 - Compile After Delivery
  • T1490 - Inhibit System Recovery

Gamaredon Group

Score: 27.61
Matched TTPs:
  • T1099 - Timestomp
  • T1527 - Application Access Token
  • T1547.012 - Print Processors
  • T1098.007 - Additional Local or Domain Groups
  • T1090 - Proxy
  • T1036.002 - Right-to-Left Override
  • T1554 - Compromise Host Software Binary
  • T1597 - Search Closed Sources
  • T1200 - Hardware Additions

TA2541

Score: 10.79
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1036.002 - Right-to-Left Override
  • T1597 - Search Closed Sources

Mustard Tempest

Score: 5.98
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1543.003 - Windows Service

Daggerfly

Score: 6.44
Matched TTPs:
  • T1584.008 - Network Devices
  • T1530 - Data from Cloud Storage

Dragonfly

Score: 21.16
Matched TTPs:
  • T1584.008 - Network Devices
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging
  • T1059.001 - PowerShell
  • T1531 - Account Access Removal
  • T1027.004 - Compile After Delivery
  • T1200 - Hardware Additions

Threat Group-3390

Score: 14.43
Matched TTPs:
  • T1584.008 - Network Devices
  • T1098.007 - Additional Local or Domain Groups
  • T1608.001 - Upload Malware
  • T1059.001 - PowerShell
  • T1574.009 - Path Interception by Unquoted Path

Ember Bear

Score: 14.71
Matched TTPs:
  • T1584.008 - Network Devices
  • T1059.001 - PowerShell
  • T1597 - Search Closed Sources
  • T1656 - Impersonation
  • T1003.003 - NTDS

Lazarus Group

Score: 31.31
Matched TTPs:
  • T1071.004 - DNS
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1608.001 - Upload Malware
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1547.011 - Plist Modification
  • T1069.001 - Local Groups
  • T1597 - Search Closed Sources
  • T1055.005 - Thread Local Storage

Darkhotel

Score: 6.37
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1064 - Scripting

ZIRCONIUM

Score: 11.27
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1027.004 - Compile After Delivery
  • T1197 - BITS Jobs

Stealth Falcon

Score: 4.86
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1055.013 - Process Doppelgänging

Inception

Score: 8.42
Matched TTPs:
  • T1071.005 - Publish/Subscribe Protocols
  • T1027.014 - Polymorphic Code
  • T1200 - Hardware Additions

Sandworm Team

Score: 20.69
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1686.003 - Windows Host Firewall
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1183 - Image File Execution Options Injection
  • T1546.008 - Accessibility Features

Leviathan

Score: 19.70
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1554 - Compromise Host Software Binary
  • T1027.014 - Polymorphic Code
  • T1001.003 - Protocol or Service Impersonation

Rocke

Score: 10.32
Matched TTPs:
  • T1180 - Screensaver
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1027.004 - Compile After Delivery

APT38

Score: 14.04
Matched TTPs:
  • T1180 - Screensaver
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1590 - Gather Victim Network Information
  • T1597 - Search Closed Sources

Storm-0501

Score: 11.13
Matched TTPs:
  • T1686.003 - Windows Host Firewall
  • T1027.014 - Polymorphic Code
  • T1158 - Hidden Files and Directories

LuminousMoth

Score: 4.89
Matched TTPs:
  • T1543.003 - Windows Service
  • T1574.009 - Path Interception by Unquoted Path

Confucius

Score: 4.60
Matched TTPs:
  • T1543.003 - Windows Service
  • T1200 - Hardware Additions

Machete

Score: 3.79
Matched TTPs:
  • T1543.003 - Windows Service
  • T1027.004 - Compile After Delivery

Transparent Tribe

Score: 6.25
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1036.002 - Right-to-Left Override

EXOTIC LILY

Score: 5.25
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection

OilRig

Score: 10.17
Matched TTPs:
  • T1543.003 - Windows Service
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1055.013 - Process Doppelgänging

Storm-1811

Score: 7.50
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1486 - Data Encrypted for Impact

Patchwork

Score: 8.73
Matched TTPs:
  • T1543.003 - Windows Service
  • T1530 - Data from Cloud Storage
  • T1001.003 - Protocol or Service Impersonation

APT42

Score: 5.25
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection

Medusa Group

Score: 10.27
Matched TTPs:
  • T1547.012 - Print Processors
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1597 - Search Closed Sources

TeamTNT

Score: 12.02
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying
  • T1597 - Search Closed Sources

PROMETHIUM

Score: 6.51
Matched TTPs:
  • T1530 - Data from Cloud Storage
  • T1490 - Inhibit System Recovery

RedEcho

Score: 4.80
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1036.002 - Right-to-Left Override

Silent Librarian

Score: 11.09
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1546.008 - Accessibility Features
  • T1609 - Container Administration Command

Moonstone Sleet

Score: 7.24
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1197 - BITS Jobs

BITTER

Score: 4.80
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1036.002 - Right-to-Left Override

CURIUM

Score: 3.80
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection

LAPSUS$

Score: 14.35
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
  • T1556.008 - Network Provider DLL
  • T1557.002 - ARP Cache Poisoning

Salt Typhoon

Score: 6.19
Matched TTPs:
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying

Velvet Ant

Score: 6.80
Matched TTPs:
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1490 - Inhibit System Recovery

BlackByte

Score: 8.27
Matched TTPs:
  • T1009 - Binary Padding
  • T1134.001 - Token Impersonation/Theft
  • T1597 - Search Closed Sources

SilverTerrier

Score: 3.29
Matched TTPs:
  • T1131 - Authentication Package

FIN5

Score: 5.09
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1055.013 - Process Doppelgänging

Tonto Team

Score: 7.83
Matched TTPs:
  • T1547.011 - Plist Modification
  • T1059.001 - PowerShell
  • T1027.004 - Compile After Delivery

Deep Panda

Score: 6.03
Matched TTPs:
  • T1177 - LSASS Driver
  • T1027.014 - Polymorphic Code

Axiom

Score: 3.29
Matched TTPs:
  • T1177 - LSASS Driver

APT19

Score: 5.09
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1027.014 - Polymorphic Code

APT37

Score: 4.68
Matched TTPs:
  • T1055.013 - Process Doppelgänging
  • T1027.004 - Compile After Delivery

Tropic Trooper

Score: 13.24
Matched TTPs:
  • T1090 - Proxy
  • T1136.003 - Cloud Account
  • T1200 - Hardware Additions
  • T1490 - Inhibit System Recovery

DarkHydrus

Score: 7.28
Matched TTPs:
  • T1531 - Account Access Removal
  • T1200 - Hardware Additions

SideCopy

Score: 4.13
Matched TTPs:
  • T1584.002 - DNS Server

APT17

Score: 3.44
Matched TTPs:
  • T1656 - Impersonation

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1197 - BITS Jobs
  • T1027.014 - Polymorphic Code
  • T1003.003 - NTDS
  • T1131 - Authentication Package
  • T1546.013 - PowerShell Profile
  • T1490 - Inhibit System Recovery
  • T1183 - Image File Execution Options Injection
  • T1027.004 - Compile After Delivery
  • T1213.006 - Databases
  • T1003.007 - Proc Filesystem
  • T1543.003 - Windows Service
  • T1546.008 - Accessibility Features
  • T1560.001 - Archive via Utility
  • T1656 - Impersonation
  • T1009 - Binary Padding
  • T1098.007 - Additional Local or Domain Groups
  • T1609 - Container Administration Command

Related CVEs

No CVEs were found for this Pulse.
