Trusted Design

Regin

概要

Regin is a multi-purpose data collection tool which dates back several years. Symantec first began looking into this threat in the fall of 2013. Multiple versions of Regin were found in the wild, targeting several corporations, institutions, academics, and individuals. Regin has a wide range of standard capabilities, particularly around monitoring targets and stealing data. It also has the ability to load custom features tailored to individual targets. Some of Regin’s custom payloads point to a high level of specialist knowledge in particular sectors, such as telecoms infrastructure software, on the part of the developers.

Created: 2026-02-23

Indicators

類似Pulses

Regin - Further Investigations by Symantec Aug 2015 (score: 0.78)
Black Vine: Formidable cyberespionage group (score: 0.46)
Stegoloader: A Stealthy Information Stealer (score: 0.45)
Regrun malware on Metadefender.com (score: 0.44)
T9000: Advanced Modular Backdoor Uses Complex Anti-Analysis (score: 0.44)

このPulseに関連する脅威アクター (事実ベース)

Sandworm Team

Score: 5.69

Matched TTPs:

T1132.001 - Standard Encoding
T1587.001 - Malware
T1588.002 - Tool

MITREへのリンク →

Patchwork

Score: 13.44

Matched TTPs:

T1132.001 - Standard Encoding
T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery
T1680 - Local Storage Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

APT42

Score: 7.32

Matched TTPs:

T1132.001 - Standard Encoding
T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

BRONZE BUTLER

Score: 9.47

Matched TTPs:

T1132.001 - Standard Encoding
T1588.002 - Tool
T1124 - System Time Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

TA551

Score: 5.49

Matched TTPs:

T1132.001 - Standard Encoding
T1218.010 - Regsvr32

MITREへのリンク →

Lazarus Group

Score: 18.62

Matched TTPs:

T1132.001 - Standard Encoding
T1587.001 - Malware
T1588.002 - Tool
T1012 - Query Registry
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Tropic Trooper

Score: 7.48

Matched TTPs:

T1132.001 - Standard Encoding
T1518.001 - Security Software Discovery
T1680 - Local Storage Discovery

MITREへのリンク →

MuddyWater

Score: 5.49

Matched TTPs:

T1132.001 - Standard Encoding
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

APT19

Score: 8.17

Matched TTPs:

T1132.001 - Standard Encoding
T1112 - Modify Registry
T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

APT33

Score: 6.34

Matched TTPs:

T1132.001 - Standard Encoding
T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT28

Score: 9.11

Matched TTPs:

T1110.001 - Password Guessing
T1588.002 - Tool
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

APT29

Score: 9.60

Matched TTPs:

T1110.001 - Password Guessing
T1587.001 - Malware
T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 24.77

Matched TTPs:

T1587.001 - Malware
T1112 - Modify Registry
T1588.002 - Tool
T1218.010 - Regsvr32
T1012 - Query Registry
T1518.001 - Security Software Discovery
T1588.003 - Code Signing Certificates
T1587 - Develop Capabilities
T1680 - Local Storage Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Moonstone Sleet

Score: 8.46

Matched TTPs:

T1587.001 - Malware
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service

MITREへのリンク →

Indrik Spider

Score: 6.16

Matched TTPs:

T1587.001 - Malware
T1112 - Modify Registry
T1012 - Query Registry

MITREへのリンク →

Contagious Interview

Score: 12.06

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

OilRig

Score: 19.97

Matched TTPs:

T1587.001 - Malware
T1112 - Modify Registry
T1588.002 - Tool
T1137.004 - Outlook Home Page
T1012 - Query Registry
T1588.003 - Code Signing Certificates
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

UNC3886

Score: 4.69

Matched TTPs:

T1587.001 - Malware
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 4.77

Matched TTPs:

T1587.001 - Malware
T1112 - Modify Registry
T1588.002 - Tool

MITREへのリンク →

Salt Typhoon

Score: 10.23

Matched TTPs:

T1587.001 - Malware
T1602.002 - Network Device Configuration Dump
T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Play

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

RedCurl

Score: 6.23

Matched TTPs:

T1587.001 - Malware
T1552.002 - Credentials in Registry

MITREへのリンク →

Turla

Score: 11.50

Matched TTPs:

T1587.001 - Malware
T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry
T1518.001 - Security Software Discovery
T1124 - System Time Discovery

MITREへのリンク →

Mustang Panda

Score: 8.84

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1588.003 - Code Signing Certificates
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

TeamTNT

Score: 6.83

Matched TTPs:

T1587.001 - Malware
T1518.001 - Security Software Discovery
T1680 - Local Storage Discovery

MITREへのリンク →

FIN7

Score: 5.54

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1124 - System Time Discovery

MITREへのリンク →

APT32

Score: 14.54

Matched TTPs:

T1552.002 - Credentials in Registry
T1112 - Modify Registry
T1588.002 - Tool
T1218.010 - Regsvr32
T1012 - Query Registry
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Wizard Spider

Score: 15.01

Matched TTPs:

T1518.002 - Backup Software Discovery
T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery
T1588.003 - Code Signing Certificates
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Medusa Group

Score: 8.71

Matched TTPs:

T1608.002 - Upload Tool
T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

Threat Group-3390

Score: 12.20

Matched TTPs:

T1608.002 - Upload Tool
T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry
T1588.003 - Code Signing Certificates

MITREへのリンク →

APT38

Score: 4.58

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

BlackByte

Score: 5.96

Matched TTPs:

T1112 - Modify Registry
T1012 - Query Registry
T1518.001 - Security Software Discovery

MITREへのリンク →

Lotus Blossom

Score: 4.91

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry

MITREへのリンク →

Gamaredon Group

Score: 6.81

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry
T1518.001 - Security Software Discovery

MITREへのリンク →

Aquatic Panda

Score: 4.58

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery

MITREへのリンク →

Blue Mockingbird

Score: 5.43

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

Volt Typhoon

Score: 10.34

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Dragonfly

Score: 4.91

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry

MITREへのリンク →

APT41

Score: 8.20

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1012 - Query Registry
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Magic Hound

Score: 5.20

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN8

Score: 10.48

Matched TTPs:

T1112 - Modify Registry
T1588.002 - Tool
T1518.001 - Security Software Discovery
T1588.003 - Code Signing Certificates
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Inception

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

BlackTech

Score: 4.00

Matched TTPs:

T1588.002 - Tool
T1588.003 - Code Signing Certificates

MITREへのリンク →

Storm-1811

Score: 3.37

Matched TTPs:

T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT39

Score: 3.08

Matched TTPs:

T1588.002 - Tool
T1012 - Query Registry

MITREへのリンク →

FIN6

Score: 6.12

Matched TTPs:

T1588.002 - Tool
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

WIRTE

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

Cobalt Group

Score: 5.49

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32
T1518.001 - Security Software Discovery

MITREへのリンク →

Thrip

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Chimera

Score: 8.51

Matched TTPs:

T1588.002 - Tool
T1012 - Query Registry
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Storm-0501

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1518.001 - Security Software Discovery

MITREへのリンク →

ZIRCONIUM

Score: 4.83

Matched TTPs:

T1012 - Query Registry
T1124 - System Time Discovery

MITREへのリンク →

Darkhotel

Score: 4.49

Matched TTPs:

T1518.001 - Security Software Discovery
T1124 - System Time Discovery

MITREへのリンク →

Sidewinder

Score: 4.49

Matched TTPs:

T1518.001 - Security Software Discovery
T1124 - System Time Discovery

MITREへのリンク →

Windshift

Score: 4.42

Matched TTPs:

T1518.001 - Security Software Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

The White Company

Score: 4.49

Matched TTPs:

T1518.001 - Security Software Discovery
T1124 - System Time Discovery

MITREへのリンク →

ToddyCat

Score: 7.26

Matched TTPs:

T1518.001 - Security Software Discovery
T1680 - Local Storage Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Rocke

Score: 5.18

Matched TTPs:

T1518.001 - Security Software Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Higaisa

Score: 5.43

Matched TTPs:

T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1056.004 - Credential API Hooking

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1102.001 - Dead Drop Resolver
T1680 - Local Storage Discovery
T1588.002 - Tool
T1587.001 - Malware
T1112 - Modify Registry
T1012 - Query Registry
T1587 - Develop Capabilities
T1588.003 - Code Signing Certificates
T1218.010 - Regsvr32
T1518.001 - Security Software Discovery

MITREへのリンク →

OilRig

Score: 0.65

Matched TTPs:

T1566.003 - Spearphishing via Service
T1588.002 - Tool
T1587.001 - Malware
T1112 - Modify Registry
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1012 - Query Registry
T1137.004 - Outlook Home Page
T1588.003 - Code Signing Certificates

MITREへのリンク →

Lazarus Group

Score: 0.63

Matched TTPs:

T1566.003 - Spearphishing via Service
T1124 - System Time Discovery
T1680 - Local Storage Discovery
T1588.002 - Tool
T1132.001 - Standard Encoding
T1587.001 - Malware
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1012 - Query Registry

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る