Pulse Detail-

Unskal, Saluchtra, Dexter and IeEnablerCby

概要

POS malware target retail companies in an attempt to steal customer payment details, such as credit card information. The stolen data can then be sold in underground markets. These threats can be deployed to a system by brute-forcing log in credentials on machines with weak passwords. They can also be installed by other malware, or by exploiting software vulnerabilities. Related to http://blog.trendmicro.com/trendlabs-security-intelligence/a-peek-inside-a-pos-scammers-toolbox/

Created: 2026-02-23

Indicators

類似Pulses

NitlovePOS: Another New POS Malware (score: 0.73)
Attacking a POS Supply Chain (score: 0.73)
"KUHOOK" POINT OF SALE MALWARE (score: 0.69)
AbaddonPOS: A new point of sale threat linked to Vawtrak (score: 0.67)
Targeted Crimeware in the Midst of Indiscriminate Activity (score: 0.67)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 17.74

Matched TTPs:

T1003 - OS Credential Dumping
T1195 - Supply Chain Compromise
T1036 - Masquerading
T1588.001 - Malware
T1110 - Brute Force
T1588.005 - Exploits

MITREへのリンク →

APT39

Score: 8.02

Matched TTPs:

T1003 - OS Credential Dumping
T1588.002 - Tool
T1110 - Brute Force
T1027.002 - Software Packing

MITREへのリンク →

Mustang Panda

Score: 20.21

Matched TTPs:

T1003 - OS Credential Dumping
T1587.001 - Malware
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1588.002 - Tool
T1588.003 - Code Signing Certificates
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT32

Score: 15.76

Matched TTPs:

T1003 - OS Credential Dumping
T1608.001 - Upload Malware
T1036 - Masquerading
T1588.002 - Tool
T1218.010 - Regsvr32
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1078.003 - Local Accounts

MITREへのリンク →

BlackByte

Score: 10.00

Matched TTPs:

T1003 - OS Credential Dumping
T1608.001 - Upload Malware
T1055.012 - Process Hollowing
T1078.002 - Domain Accounts

MITREへのリンク →

APT28

Score: 28.48

Matched TTPs:

T1003 - OS Credential Dumping
T1025 - Data from Removable Media
T1586.002 - Email Accounts
T1036 - Masquerading
T1588.002 - Tool
T1110 - Brute Force
T1039 - Data from Network Shared Drive
T1589.001 - Credentials
T1598 - Phishing for Information
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Sowbug

Score: 5.63

Matched TTPs:

T1003 - OS Credential Dumping
T1039 - Data from Network Shared Drive

MITREへのリンク →

Storm-0501

Score: 12.44

Matched TTPs:

T1003 - OS Credential Dumping
T1657 - Financial Theft
T1110 - Brute Force
T1218.010 - Regsvr32
T1027.002 - Software Packing

MITREへのリンク →

Axiom

Score: 9.50

Matched TTPs:

T1003 - OS Credential Dumping
T1584.005 - Botnet
T1566 - Phishing

MITREへのリンク →

Leviathan

Score: 11.44

Matched TTPs:

T1003 - OS Credential Dumping
T1586.002 - Email Accounts
T1218.010 - Regsvr32
T1589.001 - Credentials

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware

MITREへのリンク →

OilRig

Score: 34.09

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1036 - Masquerading
T1588.002 - Tool
T1110 - Brute Force
T1078.002 - Domain Accounts
T1555.004 - Windows Credential Manager
T1588.003 - Code Signing Certificates
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Gamaredon Group

Score: 9.48

Matched TTPs:

T1025 - Data from Removable Media
T1608.001 - Upload Malware
T1588.002 - Tool
T1039 - Data from Network Shared Drive

MITREへのリンク →

Turla

Score: 20.43

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1588.001 - Malware
T1588.002 - Tool
T1110 - Brute Force
T1555.004 - Windows Credential Manager
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Kimsuky

Score: 38.35

Matched TTPs:

T1587.001 - Malware
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1657 - Financial Theft
T1588.002 - Tool
T1566 - Phishing
T1055.012 - Process Hollowing
T1218.010 - Regsvr32
T1598 - Phishing for Information
T1111 - Multi-Factor Authentication Interception
T1027.002 - Software Packing
T1588.003 - Code Signing Certificates
T1588.005 - Exploits
T1078.003 - Local Accounts

MITREへのリンク →

FIN13

Score: 16.04

Matched TTPs:

T1587.001 - Malware
T1036 - Masquerading
T1087 - Account Discovery
T1657 - Financial Theft
T1588.002 - Tool
T1556 - Modify Authentication Process

MITREへのリンク →

Moonstone Sleet

Score: 10.03

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1598 - Phishing for Information
T1566.003 - Spearphishing via Service

MITREへのリンク →

Indrik Spider

Score: 4.38

Matched TTPs:

T1587.001 - Malware
T1078.002 - Domain Accounts

MITREへのリンク →

Lazarus Group

Score: 18.56

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1529 - System Shutdown/Reboot

MITREへのリンク →

Contagious Interview

Score: 14.90

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1036 - Masquerading
T1657 - Financial Theft
T1588.002 - Tool
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

UNC3886

Score: 7.15

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 7.38

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

Sandworm Team

Score: 20.70

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1036 - Masquerading
T1584.005 - Botnet
T1588.002 - Tool
T1592.002 - Software
T1078.002 - Domain Accounts

MITREへのリンク →

Salt Typhoon

Score: 5.69

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT29

Score: 21.93

Matched TTPs:

T1587.001 - Malware
T1586.002 - Email Accounts
T1588.002 - Tool
T1090.004 - Domain Fronting
T1651 - Cloud Administration Command
T1027.002 - Software Packing
T1566.003 - Spearphishing via Service
T1078.003 - Local Accounts

MITREへのリンク →

Play

Score: 10.42

Matched TTPs:

T1587.001 - Malware
T1657 - Financial Theft
T1588.002 - Tool
T1078.002 - Domain Accounts
T1078.003 - Local Accounts

MITREへのリンク →

Aoqin Dragon

Score: 7.18

Matched TTPs:

T1587.001 - Malware
T1036 - Masquerading
T1588.002 - Tool
T1027.002 - Software Packing

MITREへのリンク →

RedCurl

Score: 9.26

Matched TTPs:

T1587.001 - Malware
T1056.002 - GUI Input Capture
T1039 - Data from Network Shared Drive

MITREへのリンク →

TeamTNT

Score: 12.85

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1036 - Masquerading
T1610 - Deploy Container
T1027.002 - Software Packing

MITREへのリンク →

FIN7

Score: 14.71

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1674 - Input Injection
T1588.002 - Tool
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Magic Hound

Score: 15.61

Matched TTPs:

T1586.002 - Email Accounts
T1588.002 - Tool
T1592.002 - Software
T1589.001 - Credentials
T1078.002 - Domain Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

HEXANE

Score: 8.01

Matched TTPs:

T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1588.002 - Tool
T1110 - Brute Force

MITREへのリンク →

LAPSUS$

Score: 13.03

Matched TTPs:

T1586.002 - Email Accounts
T1588.001 - Malware
T1588.002 - Tool
T1589.001 - Credentials
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

IndigoZebra

Score: 3.52

Matched TTPs:

T1586.002 - Email Accounts
T1588.002 - Tool

MITREへのリンク →

Star Blizzard

Score: 5.49

Matched TTPs:

T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1588.002 - Tool

MITREへのリンク →

TA2541

Score: 10.49

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1588.002 - Tool
T1055.012 - Process Hollowing
T1027.002 - Software Packing

MITREへのリンク →

Earth Lusca

Score: 5.28

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

LazyScripter

Score: 6.62

Matched TTPs:

T1608.001 - Upload Malware
T1036 - Masquerading
T1588.001 - Malware

MITREへのリンク →

Threat Group-3390

Score: 15.31

Matched TTPs:

T1608.001 - Upload Malware
T1608.002 - Upload Tool
T1588.002 - Tool
T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1588.003 - Code Signing Certificates

MITREへのリンク →

SideCopy

Score: 6.11

Matched TTPs:

T1608.001 - Upload Malware
T1614 - System Location Discovery

MITREへのリンク →

TA505

Score: 9.62

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1588.002 - Tool
T1078.002 - Domain Accounts
T1027.002 - Software Packing

MITREへのリンク →

Saint Bear

Score: 4.03

Matched TTPs:

T1608.001 - Upload Malware
T1027.002 - Software Packing

MITREへのリンク →

EXOTIC LILY

Score: 4.50

Matched TTPs:

T1608.001 - Upload Malware
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT42

Score: 6.44

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

menuPass

Score: 9.22

Matched TTPs:

T1036 - Masquerading
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1055.012 - Process Hollowing

MITREへのリンク →

BRONZE BUTLER

Score: 8.66

Matched TTPs:

T1036 - Masquerading
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1124 - System Time Discovery

MITREへのリンク →

Agrius

Score: 7.00

Matched TTPs:

T1036 - Masquerading
T1110 - Brute Force
T1078.002 - Domain Accounts

MITREへのリンク →

ZIRCONIUM

Score: 10.27

Matched TTPs:

T1036 - Masquerading
T1598 - Phishing for Information
T1027.002 - Software Packing
T1124 - System Time Discovery

MITREへのリンク →

Windshift

Score: 4.71

Matched TTPs:

T1036 - Masquerading
T1566.003 - Spearphishing via Service

MITREへのリンク →

Storm-1811

Score: 5.56

Matched TTPs:

T1036 - Masquerading
T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA551

Score: 4.93

Matched TTPs:

T1036 - Masquerading
T1218.010 - Regsvr32

MITREへのリンク →

Medusa Group

Score: 17.72

Matched TTPs:

T1608.002 - Upload Tool
T1657 - Financial Theft
T1588.002 - Tool
T1650 - Acquire Access
T1027.002 - Software Packing
T1529 - System Shutdown/Reboot

MITREへのリンク →

Aquatic Panda

Score: 9.44

Matched TTPs:

T1087 - Account Discovery
T1588.001 - Malware
T1588.002 - Tool
T1078.002 - Domain Accounts

MITREへのリンク →

Scattered Spider

Score: 13.11

Matched TTPs:

T1087 - Account Discovery
T1588.001 - Malware
T1657 - Financial Theft
T1588.002 - Tool
T1598 - Phishing for Information

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

APT1

Score: 3.31

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

Andariel

Score: 6.30

Matched TTPs:

T1588.001 - Malware
T1592.002 - Software

MITREへのリンク →

BackdoorDiplomacy

Score: 3.31

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

HAFNIUM

Score: 6.29

Matched TTPs:

T1584.005 - Botnet
T1078.003 - Local Accounts

MITREへのリンク →

Volt Typhoon

Score: 15.54

Matched TTPs:

T1584.005 - Botnet
T1588.002 - Tool
T1078.002 - Domain Accounts
T1614 - System Location Discovery
T1027.002 - Software Packing
T1124 - System Time Discovery

MITREへのリンク →

INC Ransom

Score: 6.66

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool
T1566 - Phishing

MITREへのリンク →

Cinnamon Tempest

Score: 5.66

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool
T1078.002 - Domain Accounts

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1056.002 - GUI Input Capture

MITREへのリンク →

DarkVishnya

Score: 3.37

Matched TTPs:

T1588.002 - Tool
T1110 - Brute Force

MITREへのリンク →

Inception

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

BlackTech

Score: 4.00

Matched TTPs:

T1588.002 - Tool
T1588.003 - Code Signing Certificates

MITREへのリンク →

Wizard Spider

Score: 12.66

Matched TTPs:

T1588.002 - Tool
T1078.002 - Domain Accounts
T1555.004 - Windows Credential Manager
T1588.003 - Code Signing Certificates
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT41

Score: 5.43

Matched TTPs:

T1588.002 - Tool
T1110 - Brute Force
T1027.002 - Software Packing

MITREへのリンク →

FIN8

Score: 6.75

Matched TTPs:

T1588.002 - Tool
T1588.003 - Code Signing Certificates
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN6

Score: 6.12

Matched TTPs:

T1588.002 - Tool
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Patchwork

Score: 6.05

Matched TTPs:

T1588.002 - Tool
T1055.012 - Process Hollowing
T1027.002 - Software Packing

MITREへのリンク →

Sea Turtle

Score: 6.80

Matched TTPs:

T1588.002 - Tool
T1566 - Phishing
T1078.003 - Local Accounts

MITREへのリンク →

WIRTE

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

Cobalt Group

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

FIN5

Score: 3.37

Matched TTPs:

T1588.002 - Tool
T1110 - Brute Force

MITREへのリンク →

Thrip

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN10

Score: 3.52

Matched TTPs:

T1588.002 - Tool
T1078.003 - Local Accounts

MITREへのリンク →

Dragonfly

Score: 3.37

Matched TTPs:

T1588.002 - Tool
T1110 - Brute Force

MITREへのリンク →

APT38

Score: 9.05

Matched TTPs:

T1588.002 - Tool
T1110 - Brute Force
T1027.002 - Software Packing
T1529 - System Shutdown/Reboot

MITREへのリンク →

APT33

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Gorgon Group

Score: 4.00

Matched TTPs:

T1588.002 - Tool
T1055.012 - Process Hollowing

MITREへのリンク →

Chimera

Score: 20.36

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1589.001 - Credentials
T1078.002 - Domain Accounts
T1556.001 - Domain Controller Authentication
T1111 - Multi-Factor Authentication Interception
T1124 - System Time Discovery

MITREへのリンク →

APT19

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

Blue Mockingbird

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Fox Kitten

Score: 5.56

Matched TTPs:

T1110 - Brute Force
T1039 - Data from Network Shared Drive

MITREへのリンク →

ToddyCat

Score: 4.81

Matched TTPs:

T1078.002 - Domain Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT3

Score: 4.34

Matched TTPs:

T1078.002 - Domain Accounts
T1027.002 - Software Packing

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

The White Company

Score: 4.65

Matched TTPs:

T1027.002 - Software Packing
T1124 - System Time Discovery

MITREへのリンク →

Dark Caracal

Score: 4.58

Matched TTPs:

T1027.002 - Software Packing
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1078.003 - Local Accounts
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

APT37

Score: 3.62

Matched TTPs:

T1529 - System Shutdown/Reboot

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.79

Matched TTPs:

T1588.003 - Code Signing Certificates
T1588.002 - Tool
T1588.005 - Exploits
T1111 - Multi-Factor Authentication Interception
T1598 - Phishing for Information
T1608.001 - Upload Malware
T1078.003 - Local Accounts
T1218.010 - Regsvr32
T1566 - Phishing
T1586.002 - Email Accounts
T1055.012 - Process Hollowing
T1657 - Financial Theft
T1027.002 - Software Packing
T1587.001 - Malware

MITREへのリンク →

OilRig

Score: 0.70

Matched TTPs:

T1195 - Supply Chain Compromise
T1588.002 - Tool
T1588.003 - Code Signing Certificates
T1078.002 - Domain Accounts
T1608.001 - Upload Malware
T1110 - Brute Force
T1025 - Data from Removable Media
T1036 - Masquerading
T1566.003 - Spearphishing via Service
T1586.002 - Email Accounts
T1555.004 - Windows Credential Manager
T1587.001 - Malware
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT28

Score: 0.61

Matched TTPs:

T1588.002 - Tool
T1003 - OS Credential Dumping
T1589.001 - Credentials
T1211 - Exploitation for Defense Evasion
T1025 - Data from Removable Media
T1036 - Masquerading
T1586.002 - Email Accounts
T1598 - Phishing for Information
T1039 - Data from Network Shared Drive
T1110 - Brute Force

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Unskal, Saluchtra, Dexter and IeEnablerCby

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ