Trusted Design

Destover Sony Pictures Compromise Dropper

概要

Destructive malware used by unknown computer network exploitation (CNE) operators has been identified. This malware has the capability to overwrite a victim host's master boot record (MBR) and all data files. The overwriting of the data files will make it extremley difficult and costly, if not impossible, to recover the data using standard forensic methods. Analysis of this malware is presented to provide the computer network defense (CND) community with indicators of this malware. Imported from IOCBucket

Created: 2026-02-23

Indicators

類似Pulses

Sony Malware (score: 0.67)
A .NET malware abusing legitimate ffmpeg - Malwarebytes Labs | Malwarebytes Labs (score: 0.59)
MANITSME (FAMILY) (score: 0.59)
Net malware on Metadefender.com (score: 0.58)
20160304: TrojanDownloader:Win32/Banload (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

Sandworm Team

Score: 24.54

Matched TTPs:

T1132.001 - Standard Encoding
T1561.002 - Disk Structure Wipe
T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1584.005 - Botnet
T1485 - Data Destruction
T1070.004 - File Deletion
T1584.004 - Server

MITREへのリンク →

Patchwork

Score: 8.41

Matched TTPs:

T1132.001 - Standard Encoding
T1005 - Data from Local System
T1070.004 - File Deletion
T1680 - Local Storage Discovery

MITREへのリンク →

APT42

Score: 7.47

Matched TTPs:

T1132.001 - Standard Encoding
T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

BRONZE BUTLER

Score: 17.05

Matched TTPs:

T1132.001 - Standard Encoding
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1550.003 - Pass the Ticket
T1039 - Data from Network Shared Drive
T1027.003 - Steganography
T1070.004 - File Deletion

MITREへのリンク →

TA551

Score: 5.78

Matched TTPs:

T1132.001 - Standard Encoding
T1027.003 - Steganography

MITREへのリンク →

Lazarus Group

Score: 32.51

Matched TTPs:

T1132.001 - Standard Encoding
T1561.002 - Disk Structure Wipe
T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1491.001 - Internal Defacement
T1485 - Data Destruction
T1070.004 - File Deletion
T1584.004 - Server
T1027.007 - Dynamic API Resolution
T1680 - Local Storage Discovery
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Tropic Trooper

Score: 14.31

Matched TTPs:

T1132.001 - Standard Encoding
T1140 - Deobfuscate/Decode Files or Information
T1573.002 - Asymmetric Cryptography
T1027.003 - Steganography
T1070.004 - File Deletion
T1680 - Local Storage Discovery

MITREへのリンク →

MuddyWater

Score: 10.09

Matched TTPs:

T1132.001 - Standard Encoding
T1140 - Deobfuscate/Decode Files or Information
T1210 - Exploitation of Remote Services
T1027.003 - Steganography

MITREへのリンク →

APT19

Score: 4.31

Matched TTPs:

T1132.001 - Standard Encoding
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

APT33

Score: 5.49

Matched TTPs:

T1132.001 - Standard Encoding
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

HAFNIUM

Score: 7.81

Matched TTPs:

T1132.001 - Standard Encoding
T1005 - Data from Local System
T1584.005 - Botnet

MITREへのリンク →

APT38

Score: 15.81

Matched TTPs:

T1561.002 - Disk Structure Wipe
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1485 - Data Destruction
T1070.004 - File Deletion
T1036.006 - Space after Filename

MITREへのリンク →

Ember Bear

Score: 13.15

Matched TTPs:

T1561.002 - Disk Structure Wipe
T1005 - Data from Local System
T1210 - Exploitation of Remote Services
T1070.004 - File Deletion
T1588.005 - Exploits

MITREへのリンク →

APT37

Score: 7.92

Matched TTPs:

T1561.002 - Disk Structure Wipe
T1005 - Data from Local System
T1027.003 - Steganography

MITREへのリンク →

OilRig

Score: 17.58

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Gamaredon Group

Score: 24.56

Matched TTPs:

T1025 - Data from Removable Media
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1491.001 - Internal Defacement
T1001 - Data Obfuscation
T1039 - Data from Network Shared Drive
T1070.004 - File Deletion
T1027.015 - Compression

MITREへのリンク →

APT28

Score: 18.34

Matched TTPs:

T1025 - Data from Removable Media
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive
T1070.004 - File Deletion
T1669 - Wi-Fi Networks

MITREへのリンク →

Turla

Score: 11.56

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1584.004 - Server

MITREへのリンク →

Kimsuky

Score: 15.43

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1070.004 - File Deletion
T1680 - Local Storage Discovery
T1588.005 - Exploits

MITREへのリンク →

FIN13

Score: 5.11

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Moonstone Sleet

Score: 5.64

Matched TTPs:

T1587.001 - Malware
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware

MITREへのリンク →

Indrik Spider

Score: 4.93

Matched TTPs:

T1587.001 - Malware
T1584.004 - Server

MITREへのリンク →

Contagious Interview

Score: 12.33

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

UNC3886

Score: 7.61

Matched TTPs:

T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1070.004 - File Deletion

MITREへのリンク →

LuminousMoth

Score: 5.52

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1608.001 - Upload Malware

MITREへのリンク →

Salt Typhoon

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT29

Score: 13.31

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1550.003 - Pass the Ticket
T1090.004 - Domain Fronting
T1070.004 - File Deletion

MITREへのリンク →

Play

Score: 3.48

Matched TTPs:

T1587.001 - Malware
T1070.004 - File Deletion

MITREへのリンク →

RedCurl

Score: 10.70

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1039 - Data from Network Shared Drive
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion

MITREへのリンク →

Ke3chang

Score: 5.11

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Mustang Panda

Score: 18.43

Matched TTPs:

T1587.001 - Malware
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1678 - Delay Execution
T1070.004 - File Deletion
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

TeamTNT

Score: 9.85

Matched TTPs:

T1587.001 - Malware
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1070.004 - File Deletion
T1680 - Local Storage Discovery

MITREへのリンク →

FIN7

Score: 9.83

Matched TTPs:

T1587.001 - Malware
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1210 - Exploitation of Remote Services

MITREへのリンク →

LAPSUS$

Score: 4.89

Matched TTPs:

T1005 - Data from Local System
T1485 - Data Destruction

MITREへのリンク →

APT39

Score: 4.40

Matched TTPs:

T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1070.004 - File Deletion

MITREへのリンク →

Axiom

Score: 9.61

Matched TTPs:

T1005 - Data from Local System
T1584.005 - Botnet
T1001.002 - Steganography

MITREへのリンク →

ToddyCat

Score: 4.28

Matched TTPs:

T1005 - Data from Local System
T1680 - Local Storage Discovery

MITREへのリンク →

Fox Kitten

Score: 7.23

Matched TTPs:

T1005 - Data from Local System
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive

MITREへのリンク →

Andariel

Score: 4.48

Matched TTPs:

T1005 - Data from Local System
T1027.003 - Steganography

MITREへのリンク →

Agrius

Score: 3.01

Matched TTPs:

T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

FIN6

Score: 8.32

Matched TTPs:

T1005 - Data from Local System
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Dragonfly

Score: 8.41

Matched TTPs:

T1005 - Data from Local System
T1210 - Exploitation of Remote Services
T1070.004 - File Deletion
T1584.004 - Server

MITREへのリンク →

Threat Group-3390

Score: 16.80

Matched TTPs:

T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1210 - Exploitation of Remote Services
T1070.005 - Network Share Connection Removal
T1070.004 - File Deletion
T1027.015 - Compression

MITREへのリンク →

Volt Typhoon

Score: 13.68

Matched TTPs:

T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1584.005 - Botnet
T1070.004 - File Deletion
T1584.004 - Server
T1680 - Local Storage Discovery

MITREへのリンク →

menuPass

Score: 10.18

Matched TTPs:

T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive
T1070.004 - File Deletion

MITREへのリンク →

Wizard Spider

Score: 8.32

Matched TTPs:

T1005 - Data from Local System
T1210 - Exploitation of Remote Services
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Molerats

Score: 4.72

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 12.15

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1210 - Exploitation of Remote Services
T1027.003 - Steganography
T1584.004 - Server

MITREへのリンク →

TA505

Score: 3.54

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware

MITREへのリンク →

BlackByte

Score: 8.77

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.001 - Upload Malware
T1491.001 - Internal Defacement
T1070.004 - File Deletion

MITREへのリンク →

Leviathan

Score: 10.59

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1027.003 - Steganography
T1584.004 - Server
T1027.015 - Compression

MITREへのリンク →

Higaisa

Score: 7.55

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1680 - Local Storage Discovery
T1027.015 - Compression

MITREへのリンク →

TA2541

Score: 7.87

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography
T1027.015 - Compression

MITREへのリンク →

APT32

Score: 9.94

Matched TTPs:

T1608.001 - Upload Malware
T1550.003 - Pass the Ticket
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Equation

Score: 8.67

Matched TTPs:

T1542.002 - Component Firmware
T1564.005 - Hidden File System

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Chimera

Score: 7.25

Matched TTPs:

T1039 - Data from Network Shared Drive
T1070.004 - File Deletion
T1680 - Local Storage Discovery

MITREへのリンク →

Medusa Group

Score: 8.67

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1218.014 - MMC

MITREへのリンク →

Cobalt Group

Score: 4.13

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion

MITREへのリンク →

FIN8

Score: 6.87

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Storm-0501

Score: 3.44

Matched TTPs:

T1485 - Data Destruction

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.82

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1491.001 - Internal Defacement
T1587.001 - Malware
T1485 - Data Destruction
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1132.001 - Standard Encoding
T1584.004 - Server
T1070.004 - File Deletion
T1005 - Data from Local System
T1027.007 - Dynamic API Resolution
T1561.002 - Disk Structure Wipe
T1680 - Local Storage Discovery

MITREへのリンク →

Sandworm Team

Score: 0.62

Matched TTPs:

T1608.001 - Upload Malware
T1140 - Deobfuscate/Decode Files or Information
T1485 - Data Destruction
T1587.001 - Malware
T1132.001 - Standard Encoding
T1584.005 - Botnet
T1584.004 - Server
T1070.004 - File Deletion
T1005 - Data from Local System
T1561.002 - Disk Structure Wipe

MITREへのリンク →

Gamaredon Group

Score: 0.60

Matched TTPs:

T1027.015 - Compression
T1608.001 - Upload Malware
T1140 - Deobfuscate/Decode Files or Information
T1491.001 - Internal Defacement
T1001 - Data Obfuscation
T1025 - Data from Removable Media
T1070.004 - File Deletion
T1005 - Data from Local System
T1039 - Data from Network Shared Drive

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る