Pulse Detail-

CozyDuke F-Secure report

概要

The CozyDuke toolset, which we believe has been under active development since at least 2011, consists of tools for infecting targeted hosts, establishing and maintaining backdoor access to the hosts, gathering information from them and gaining further access to other hosts inside the victim organization.

Created: 2026-02-23

Indicators

類似Pulses

Ding! Your RAT has been delivered (score: 0.59)
A Look Into Fysbis: Sofacy’s Linux Backdoor (score: 0.59)
A Look Into Fysbis: Sofacy’s Linux Backdoor (score: 0.58)
HACKSFASE (FAMILY) (score: 0.57)
20160212B: Sofacy’s Linux Backdoor (score: 0.57)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 15.24

Matched TTPs:

T1491.002 - External Defacement
T1195 - Supply Chain Compromise
T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery

MITREへのリンク →

Sandworm Team

Score: 30.78

Matched TTPs:

T1491.002 - External Defacement
T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1219 - Remote Access Tools
T1505.003 - Web Shell
T1588.002 - Tool
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1570 - Lateral Tool Transfer
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Kimsuky

Score: 13.83

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1608.001 - Upload Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer
T1587 - Develop Capabilities

MITREへのリンク →

FIN13

Score: 9.59

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Moonstone Sleet

Score: 11.21

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1105 - Ingress Tool Transfer
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service

MITREへのリンク →

Indrik Spider

Score: 8.23

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1584.004 - Server
T1105 - Ingress Tool Transfer

MITREへのリンク →

Lazarus Group

Score: 16.47

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Contagious Interview

Score: 11.29

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.002 - Tool
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 22.20

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1219 - Remote Access Tools
T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 5.82

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1570 - Lateral Tool Transfer

MITREへのリンク →

LuminousMoth

Score: 5.69

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT29

Score: 14.04

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1090.004 - Domain Fronting
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Play

Score: 3.72

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Aoqin Dragon

Score: 6.67

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1570 - Lateral Tool Transfer

MITREへのリンク →

RedCurl

Score: 6.89

Matched TTPs:

T1587.001 - Malware
T1039 - Data from Network Shared Drive
T1046 - Network Service Discovery

MITREへのリンク →

Moses Staff

Score: 5.49

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Turla

Score: 11.31

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1584.004 - Server
T1105 - Ingress Tool Transfer

MITREへのリンク →

Ke3chang

Score: 8.59

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1588.002 - Tool
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 29.01

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1505.003 - Web Shell
T1176.002 - IDE Extensions
T1219.001 - IDE Tunneling
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution
T1003.003 - NTDS

MITREへのリンク →

TeamTNT

Score: 11.73

Matched TTPs:

T1587.001 - Malware
T1007 - System Service Discovery
T1608.001 - Upload Malware
T1219 - Remote Access Tools
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN7

Score: 12.82

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1219 - Remote Access Tools
T1674 - Input Injection
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

BRONZE BUTLER

Score: 11.42

Matched TTPs:

T1007 - System Service Discovery
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Aquatic Panda

Score: 4.15

Matched TTPs:

T1007 - System Service Discovery
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Chimera

Score: 13.52

Matched TTPs:

T1007 - System Service Discovery
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Earth Lusca

Score: 8.18

Matched TTPs:

T1007 - System Service Discovery
T1608.001 - Upload Malware
T1588.002 - Tool
T1584.004 - Server

MITREへのリンク →

Volt Typhoon

Score: 21.97

Matched TTPs:

T1007 - System Service Discovery
T1505.003 - Web Shell
T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1584.004 - Server
T1046 - Network Service Discovery
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1596.005 - Scan Databases
T1003.003 - NTDS

MITREへのリンク →

admin@338

Score: 4.02

Matched TTPs:

T1007 - System Service Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT1

Score: 3.37

Matched TTPs:

T1007 - System Service Discovery
T1588.002 - Tool

MITREへのリンク →

TA2541

Score: 3.60

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Gamaredon Group

Score: 6.63

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1105 - Ingress Tool Transfer

MITREへのリンク →

Threat Group-3390

Score: 12.76

Matched TTPs:

T1608.001 - Upload Malware
T1608.002 - Upload Tool
T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

SideCopy

Score: 5.50

Matched TTPs:

T1608.001 - Upload Malware
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

TA505

Score: 3.60

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

BlackByte

Score: 11.11

Matched TTPs:

T1608.001 - Upload Malware
T1219 - Remote Access Tools
T1505.003 - Web Shell
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

BITTER

Score: 5.09

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT32

Score: 10.86

Matched TTPs:

T1608.001 - Upload Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

HEXANE

Score: 6.35

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

INC Ransom

Score: 8.22

Matched TTPs:

T1219 - Remote Access Tools
T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Medusa Group

Score: 21.00

Matched TTPs:

T1219 - Remote Access Tools
T1608.002 - Upload Tool
T1505.003 - Web Shell
T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1650 - Acquire Access
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

DarkVishnya

Score: 5.21

Matched TTPs:

T1219 - Remote Access Tools
T1588.002 - Tool
T1046 - Network Service Discovery

MITREへのリンク →

Carbanak

Score: 3.44

Matched TTPs:

T1219 - Remote Access Tools
T1588.002 - Tool

MITREへのリンク →

MuddyWater

Score: 8.46

Matched TTPs:

T1219 - Remote Access Tools
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Cobalt Group

Score: 7.48

Matched TTPs:

T1219 - Remote Access Tools
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

CURIUM

Score: 4.29

Matched TTPs:

T1505.003 - Web Shell
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 10.06

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

APT28

Score: 14.80

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer
T1003.003 - NTDS
T1669 - Wi-Fi Networks

MITREへのリンク →

BackdoorDiplomacy

Score: 5.16

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Agrius

Score: 5.77

Matched TTPs:

T1505.003 - Web Shell
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery

MITREへのリンク →

APT39

Score: 5.16

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Volatile Cedar

Score: 6.67

Matched TTPs:

T1505.003 - Web Shell
T1595.003 - Wordlist Scanning
T1105 - Ingress Tool Transfer

MITREへのリンク →

GALLIUM

Score: 5.63

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1105 - Ingress Tool Transfer

MITREへのリンク →

Tropic Trooper

Score: 8.55

Matched TTPs:

T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

HAFNIUM

Score: 4.88

Matched TTPs:

T1505.003 - Web Shell
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Fox Kitten

Score: 9.68

Matched TTPs:

T1505.003 - Web Shell
T1039 - Data from Network Shared Drive
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Tonto Team

Score: 4.04

Matched TTPs:

T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT38

Score: 3.39

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Magic Hound

Score: 13.76

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1592.002 - Software
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Leviathan

Score: 6.87

Matched TTPs:

T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1105 - Ingress Tool Transfer

MITREへのリンク →

Sea Turtle

Score: 4.11

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Inception

Score: 5.09

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

BlackTech

Score: 4.11

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery

MITREへのリンク →

LAPSUS$

Score: 3.19

Matched TTPs:

T1588.002 - Tool
T1003.003 - NTDS

MITREへのリンク →

Wizard Spider

Score: 6.20

Matched TTPs:

T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

Storm-1811

Score: 6.38

Matched TTPs:

T1588.002 - Tool
T1570 - Lateral Tool Transfer
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

menuPass

Score: 8.77

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

APT41

Score: 17.73

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1595.003 - Wordlist Scanning
T1570 - Lateral Tool Transfer
T1046 - Network Service Discovery
T1105 - Ingress Tool Transfer
T1596.005 - Scan Databases
T1003.003 - NTDS

MITREへのリンク →

Scattered Spider

Score: 8.50

Matched TTPs:

T1588.002 - Tool
T1538 - Cloud Service Dashboard
T1105 - Ingress Tool Transfer
T1003.003 - NTDS

MITREへのリンク →

FIN6

Score: 7.48

Matched TTPs:

T1588.002 - Tool
T1046 - Network Service Discovery
T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

Patchwork

Score: 3.12

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN10

Score: 3.08

Matched TTPs:

T1588.002 - Tool
T1570 - Lateral Tool Transfer

MITREへのリンク →

APT33

Score: 3.12

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Andariel

Score: 6.12

Matched TTPs:

T1592.002 - Software
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

Sidewinder

Score: 5.02

Matched TTPs:

T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Daggerfly

Score: 3.61

Matched TTPs:

T1584.004 - Server
T1105 - Ingress Tool Transfer

MITREへのリンク →

Windshift

Score: 6.05

Matched TTPs:

T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ajax Security Team

Score: 3.30

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.81

Matched TTPs:

T1219 - Remote Access Tools
T1491.002 - External Defacement
T1570 - Lateral Tool Transfer
T1003.003 - NTDS
T1587.001 - Malware
T1584.004 - Server
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer
T1588.002 - Tool
T1608.001 - Upload Malware
T1505.003 - Web Shell
T1195 - Supply Chain Compromise

MITREへのリンク →

Mustang Panda

Score: 0.75

Matched TTPs:

T1176.002 - IDE Extensions
T1046 - Network Service Discovery
T1027.007 - Dynamic API Resolution
T1219.001 - IDE Tunneling
T1518 - Software Discovery
T1587.001 - Malware
T1003.003 - NTDS
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer
T1588.002 - Tool
T1505.003 - Web Shell
T1608.001 - Upload Malware

MITREへのリンク →

Medusa Group

Score: 0.62

Matched TTPs:

T1219 - Remote Access Tools
T1046 - Network Service Discovery
T1608.002 - Upload Tool
T1570 - Lateral Tool Transfer
T1003.003 - NTDS
T1105 - Ingress Tool Transfer
T1588.002 - Tool
T1505.003 - Web Shell
T1650 - Acquire Access

MITREへのリンク →

OilRig

Score: 0.60

Matched TTPs:

T1219 - Remote Access Tools
T1046 - Network Service Discovery
T1587.001 - Malware
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer
T1007 - System Service Discovery
T1588.002 - Tool
T1566.003 - Spearphishing via Service
T1505.003 - Web Shell
T1608.001 - Upload Malware

MITREへのリンク →

Volt Typhoon

Score: 0.59

Matched TTPs:

T1046 - Network Service Discovery
T1570 - Lateral Tool Transfer
T1518 - Software Discovery
T1584.004 - Server
T1003.003 - NTDS
T1105 - Ingress Tool Transfer
T1007 - System Service Discovery
T1588.002 - Tool
T1596.005 - Scan Databases
T1505.003 - Web Shell

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

CozyDuke F-Secure report

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ