Operation RussianDoll
Summary
FireEye Labs recently detected a limited APT campaign exploiting zero-day vulnerabilities in Adobe Flash and a brand-new one in Microsoft Windows. Using the Dynamic Threat Intelligence Cloud (DTI), FireEye researchers detected a pattern of attacks beginning on April 13th, 2015. Adobe independently patched the vulnerability (CVE-2015-3043) in APSB15-06. Through correlation of technical indicators and command and control infrastructure, FireEye assesses that APT28 is probably responsible for this activity.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 9.51
Matched TTPs:
- T1587.001 - Malware
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
Score: 4.49
Matched TTPs:
- T1587.001 - Malware
- T1569.002 - Service Execution
Score: 3.59
Matched TTPs:
- T1587.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 6.23
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
Score: 6.74
Matched TTPs:
- T1587.001 - Malware
- T1027.005 - Indicator Removal from Tools
- T1203 - Exploitation for Client Execution
Score: 10.87
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1027.005 - Indicator Removal from Tools
- T1203 - Exploitation for Client Execution
Score: 7.43
Matched TTPs:
- T1587.001 - Malware
- T1588.006 - Vulnerabilities
- T1203 - Exploitation for Client Execution
Score: 10.36
Matched TTPs:
- T1587.001 - Malware
- T1550.003 - Pass the Ticket
- T1203 - Exploitation for Client Execution
- T1078.004 - Cloud Accounts
Score: 3.59
Matched TTPs:
- T1587.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 5.25
Matched TTPs:
- T1587.001 - Malware
- T1027.005 - Indicator Removal from Tools
Score: 7.42
Matched TTPs:
- T1587.001 - Malware
- T1569.002 - Service Execution
- T1078.004 - Cloud Accounts
Score: 6.34
Matched TTPs:
- T1587.001 - Malware
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 4.49
Matched TTPs:
- T1587.001 - Malware
- T1569.002 - Service Execution
Score: 6.59
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1518 - Software Discovery
Score: 6.77
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1078.004 - Cloud Accounts
Score: 7.74
Matched TTPs:
- T1550.003 - Pass the Ticket
- T1203 - Exploitation for Client Execution
- T1569.002 - Service Execution
Score: 11.37
Matched TTPs:
- T1550.003 - Pass the Ticket
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
- T1102.001 - Dead Drop Resolver
Score: 7.93
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1203 - Exploitation for Client Execution
- T1102.001 - Dead Drop Resolver
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 4.65
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1203 - Exploitation for Client Execution
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 13.09
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1498 - Network Denial of Service
- T1078.004 - Cloud Accounts
- T1211 - Exploitation for Defense Evasion
Score: 6.03
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1001.002 - Steganography
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 7.18
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1569.002 - Service Execution
- T1102.001 - Dead Drop Resolver
Score: 5.63
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1588.005 - Exploits
Score: 4.42
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1078.004 - Cloud Accounts
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 4.54
Matched TTPs:
- T1608.006 - SEO Poisoning
Score: 6.53
Matched TTPs:
- T1569.002 - Service Execution
- T1211 - Exploitation for Defense Evasion
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.87
Matched TTPs:
- T1078.004 - Cloud Accounts
- T1203 - Exploitation for Client Execution
- T1498 - Network Denial of Service
- T1211 - Exploitation for Defense Evasion
Score: 0.73
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1203 - Exploitation for Client Execution
- T1681 - Search Threat Vendor Data
- T1587.001 - Malware
Score: 0.69
Matched TTPs:
- T1518 - Software Discovery
- T1203 - Exploitation for Client Execution
- T1550.003 - Pass the Ticket
- T1102.001 - Dead Drop Resolver
Score: 0.68
Matched TTPs:
- T1078.004 - Cloud Accounts
- T1203 - Exploitation for Client Execution
- T1550.003 - Pass the Ticket
- T1587.001 - Malware
Score: 0.60
Matched TTPs:
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
- T1587.001 - Malware
Score: 0.58
Matched TTPs:
- T1569.002 - Service Execution
- T1203 - Exploitation for Client Execution
- T1550.003 - Pass the Ticket
Related CVEs
Pulse – Threat Actor Graph