Pulse Detail-

Trojanized PuTTY Software

概要

In late 2013–early 2014, a compromised FTP client dubbed “StealZilla,” based off the open source FileZilla FTP client was discovered. The attackers modified a few lines of code, recompiled the program, and disbursed the trojanized version on compromised web servers. This new attack appears to involve the same actors who reused the same techniques to alter the source code of the widely used open source Telnet/SSH client, PuTTY, and used their network of compromised web servers to serve up similar fake Putty download pages. This new campaign is like the StealZilla campaign in almost every way. This trojanized version of PuTTY harvests credentials and relays the information back to a collection server in the same way too. The operation is very quick and quiet. Login details are sent to attackers using an HTTP GET connection ONLY once.

Created: 2026-02-23

Indicators

類似Pulses

Multi-stage exploit installing trojan (score: 0.63)
Ramnit – in-depth analysis (score: 0.59)
Neutralizing Remote Access Trojan Efficacy (score: 0.57)
New Trojan for Linux infects routers (score: 0.56)
Updated Blackmoon banking Trojan (score: 0.55)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 11.41

Matched TTPs:

T1560.003 - Archive via Custom Method
T1041 - Exfiltration Over C2 Channel
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Scattered Spider

Score: 15.15

Matched TTPs:

T1560.003 - Archive via Custom Method
T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1619 - Cloud Storage Object Discovery
T1087.004 - Cloud Account
T1547.013 - XDG Autostart Entries

MITREへのリンク →

TA505

Score: 6.82

Matched TTPs:

T1560.003 - Archive via Custom Method
T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Volt Typhoon

Score: 13.67

Matched TTPs:

T1560.003 - Archive via Custom Method
T1567 - Exfiltration Over Web Service
T1566.004 - Spearphishing Voice
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT3

Score: 7.53

Matched TTPs:

T1560.003 - Archive via Custom Method
T1087.004 - Cloud Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

FIN13

Score: 6.59

Matched TTPs:

T1560.003 - Archive via Custom Method
T1552.003 - Shell History
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Malteiro

Score: 3.31

Matched TTPs:

T1087.002 - Domain Account
T1552.003 - Shell History

MITREへのリンク →

APT12

Score: 4.68

Matched TTPs:

T1087.002 - Domain Account
T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Kimsuky

Score: 24.34

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1608.005 - Link Target
T1087.004 - Cloud Account
T1041 - Exfiltration Over C2 Channel
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery
T1490 - Inhibit System Recovery

MITREへのリンク →

Elderwood

Score: 4.82

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Transparent Tribe

Score: 4.05

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Dragonfly

Score: 13.74

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1041 - Exfiltration Over C2 Channel
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Contagious Interview

Score: 22.19

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1087.004 - Cloud Account
T1651 - Cloud Administration Command
T1221 - Template Injection

MITREへのリンク →

Aoqin Dragon

Score: 4.52

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice

MITREへのリンク →

CURIUM

Score: 10.61

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1087.004 - Cloud Account
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Tropic Trooper

Score: 5.72

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

PLATINUM

Score: 3.33

Matched TTPs:

T1087.002 - Domain Account
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

HEXANE

Score: 5.94

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

FIN8

Score: 4.72

Matched TTPs:

T1087.002 - Domain Account
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery

MITREへのリンク →

Threat Group-3390

Score: 13.10

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery
T1546.017 - Udev Rules

MITREへのリンク →

BITTER

Score: 5.03

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT37

Score: 7.22

Matched TTPs:

T1087.002 - Domain Account
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

LazyScripter

Score: 5.55

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries

MITREへのリンク →

PROMETHIUM

Score: 9.35

Matched TTPs:

T1087.002 - Domain Account
T1547.015 - Login Items
T1059.012 - Hypervisor CLI
T1490 - Inhibit System Recovery

MITREへのリンク →

APT39

Score: 5.94

Matched TTPs:

T1087.002 - Domain Account
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Star Blizzard

Score: 5.22

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media

MITREへのリンク →

Higaisa

Score: 7.41

Matched TTPs:

T1087.002 - Domain Account
T1087.004 - Cloud Account
T1218.010 - Regsvr32
T1546.017 - Udev Rules

MITREへのリンク →

Wizard Spider

Score: 12.55

Matched TTPs:

T1087.002 - Domain Account
T1087.004 - Cloud Account
T1566.004 - Spearphishing Voice
T1556.009 - Conditional Access Policies
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery

MITREへのリンク →

OilRig

Score: 16.34

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1218.010 - Regsvr32
T1592.002 - Software
T1556.009 - Conditional Access Policies
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery

MITREへのリンク →

Sandworm Team

Score: 16.93

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Magic Hound

Score: 12.43

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1547.002 - Authentication Package
T1566.004 - Spearphishing Voice
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Cobalt Group

Score: 3.06

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Storm-1811

Score: 3.80

Matched TTPs:

T1087.002 - Domain Account
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

EXOTIC LILY

Score: 4.25

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1218.010 - Regsvr32

MITREへのリンク →

Saint Bear

Score: 6.27

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Lazarus Group

Score: 14.04

Matched TTPs:

T1087.002 - Domain Account
T1608.005 - Link Target
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Patchwork

Score: 7.28

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

FIN7

Score: 10.61

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

Moonstone Sleet

Score: 6.00

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT28

Score: 20.36

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries
T1546.007 - Netsh Helper DLL
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA2541

Score: 8.70

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries
T1546.017 - Udev Rules

MITREへのリンク →

Earth Lusca

Score: 12.99

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

SideCopy

Score: 3.54

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Mofang

Score: 3.94

Matched TTPs:

T1087.002 - Domain Account
T1546.017 - Udev Rules

MITREへのリンク →

Leviathan

Score: 16.91

Matched TTPs:

T1087.002 - Domain Account
T1087.004 - Cloud Account
T1554 - Compromise Host Software Binary
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1546.017 - Udev Rules

MITREへのリンク →

Tonto Team

Score: 3.06

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Andariel

Score: 4.82

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

BRONZE BUTLER

Score: 8.67

Matched TTPs:

T1087.002 - Domain Account
T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT38

Score: 3.33

Matched TTPs:

T1087.002 - Domain Account
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

MuddyWater

Score: 9.44

Matched TTPs:

T1087.002 - Domain Account
T1608.005 - Link Target
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Mustang Panda

Score: 14.63

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1087.004 - Cloud Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries
T1526 - Cloud Service Discovery

MITREへのリンク →

Molerats

Score: 4.72

Matched TTPs:

T1087.002 - Domain Account
T1547.013 - XDG Autostart Entries
T1546.017 - Udev Rules

MITREへのリンク →

Gamaredon Group

Score: 21.05

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1087.004 - Cloud Account
T1554 - Compromise Host Software Binary
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1546.017 - Udev Rules

MITREへのリンク →

Darkhotel

Score: 4.82

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT32

Score: 21.99

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1592.004 - Client Configurations
T1608.005 - Link Target
T1087.004 - Cloud Account
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

IndigoZebra

Score: 3.58

Matched TTPs:

T1087.002 - Domain Account
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT33

Score: 3.06

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Sidewinder

Score: 5.52

Matched TTPs:

T1087.002 - Domain Account
T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Indrik Spider

Score: 4.40

Matched TTPs:

T1087.002 - Domain Account
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT29

Score: 20.66

Matched TTPs:

T1087.002 - Domain Account
T1592.004 - Client Configurations
T1608.005 - Link Target
T1218.010 - Regsvr32
T1218.009 - Regsvcs/Regasm
T1223 - Compiled HTML File
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

Confucius

Score: 7.04

Matched TTPs:

T1087.002 - Domain Account
T1608.005 - Link Target
T1087.004 - Cloud Account
T1218.010 - Regsvr32
T1547.013 - XDG Autostart Entries

MITREへのリンク →

BlackTech

Score: 5.43

Matched TTPs:

T1087.002 - Domain Account
T1218.010 - Regsvr32
T1526 - Cloud Service Discovery

MITREへのリンク →

Windshift

Score: 3.33

Matched TTPs:

T1087.002 - Domain Account
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

ZIRCONIUM

Score: 9.62

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

LuminousMoth

Score: 4.72

Matched TTPs:

T1091 - Replication Through Removable Media
T1087.004 - Cloud Account
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Mustard Tempest

Score: 4.52

Matched TTPs:

T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

TeamTNT

Score: 6.88

Matched TTPs:

T1091 - Replication Through Removable Media
T1142 - Keychain
T1547.013 - XDG Autostart Entries

MITREへのリンク →

BlackByte

Score: 10.80

Matched TTPs:

T1091 - Replication Through Removable Media
T1562.010 - Downgrade Attack
T1087.004 - Cloud Account
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

Winter Vivern

Score: 12.67

Matched TTPs:

T1548 - Abuse Elevation Control Mechanism
T1087.004 - Cloud Account
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI
T1547.013 - XDG Autostart Entries

MITREへのリンク →

INC Ransom

Score: 5.54

Matched TTPs:

T1552.003 - Shell History
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Cinnamon Tempest

Score: 3.30

Matched TTPs:

T1552.003 - Shell History
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Medusa Group

Score: 7.55

Matched TTPs:

T1552.003 - Shell History
T1608.005 - Link Target
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

SilverTerrier

Score: 6.14

Matched TTPs:

T1552.003 - Shell History
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Play

Score: 10.10

Matched TTPs:

T1552.003 - Shell History
T1142 - Keychain
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 11.99

Matched TTPs:

T1547.015 - Login Items
T1546.003 - Windows Management Instrumentation Event Subscription
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice

MITREへのリンク →

HAFNIUM

Score: 5.46

Matched TTPs:

T1608.005 - Link Target
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

Turla

Score: 21.93

Matched TTPs:

T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1547.002 - Authentication Package
T1566.004 - Spearphishing Voice
T1556.009 - Conditional Access Policies
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1490 - Inhibit System Recovery

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

LAPSUS$

Score: 4.13

Matched TTPs:

T1619 - Cloud Storage Object Discovery

MITREへのリンク →

Chimera

Score: 4.99

Matched TTPs:

T1087.004 - Cloud Account
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

GALLIUM

Score: 4.99

Matched TTPs:

T1087.004 - Cloud Account
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Agrius

Score: 4.21

Matched TTPs:

T1087.004 - Cloud Account
T1566.004 - Spearphishing Voice

MITREへのリンク →

Stealth Falcon

Score: 5.59

Matched TTPs:

T1087.004 - Cloud Account
T1556.009 - Conditional Access Policies

MITREへのリンク →

APT5

Score: 4.13

Matched TTPs:

T1546.003 - Windows Management Instrumentation Event Subscription

MITREへのリンク →

Axiom

Score: 7.80

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1160 - Launch Daemon

MITREへのリンク →

Sea Turtle

Score: 4.16

Matched TTPs:

T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Ember Bear

Score: 3.73

Matched TTPs:

T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice

MITREへのリンク →

FIN10

Score: 4.90

Matched TTPs:

T1566.004 - Spearphishing Voice
T1490 - Inhibit System Recovery

MITREへのリンク →

Velvet Ant

Score: 9.03

Matched TTPs:

T1566.004 - Spearphishing Voice
T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Daggerfly

Score: 5.38

Matched TTPs:

T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.77

Matched TTPs:

T1566.002 - Spearphishing Link
T1041 - Exfiltration Over C2 Channel
T1552.003 - Shell History
T1526 - Cloud Service Discovery
T1087.002 - Domain Account
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1091 - Replication Through Removable Media

MITREへのリンク →

Turla

Score: 0.73

Matched TTPs:

T1218.001 - Compiled HTML File
T1608.005 - Link Target
T1556.009 - Conditional Access Policies
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1059.012 - Hypervisor CLI
T1490 - Inhibit System Recovery

MITREへのリンク →

APT32

Score: 0.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1087.002 - Domain Account
T1218.010 - Regsvr32
T1608.005 - Link Target
T1592.004 - Client Configurations
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries
T1087.004 - Cloud Account
T1490 - Inhibit System Recovery
T1059.012 - Hypervisor CLI
T1091 - Replication Through Removable Media

MITREへのリンク →

Contagious Interview

Score: 0.72

Matched TTPs:

T1221 - Template Injection
T1552.003 - Shell History
T1087.002 - Domain Account
T1651 - Cloud Administration Command
T1608.005 - Link Target
T1087.004 - Cloud Account
T1562.010 - Downgrade Attack
T1091 - Replication Through Removable Media

MITREへのリンク →

Gamaredon Group

Score: 0.70

Matched TTPs:

T1087.002 - Domain Account
T1554 - Compromise Host Software Binary
T1546.017 - Udev Rules
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1562.010 - Downgrade Attack
T1091 - Replication Through Removable Media

MITREへのリンク →

APT28

Score: 0.69

Matched TTPs:

T1546.007 - Netsh Helper DLL
T1566.003 - Spearphishing via Service
T1566.002 - Spearphishing Link
T1087.002 - Domain Account
T1608.005 - Link Target
T1547.013 - XDG Autostart Entries
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI
T1218.010 - Regsvr32

MITREへのリンク →

APT29

Score: 0.68

Matched TTPs:

T1223 - Compiled HTML File
T1087.002 - Domain Account
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1592.004 - Client Configurations
T1547.013 - XDG Autostart Entries
T1218.009 - Regsvcs/Regasm
T1218.010 - Regsvr32

MITREへのリンク →

Sandworm Team

Score: 0.57

Matched TTPs:

T1566.002 - Spearphishing Link
T1087.002 - Domain Account
T1218.010 - Regsvr32
T1566.004 - Spearphishing Voice
T1547.013 - XDG Autostart Entries
T1087.004 - Cloud Account
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1091 - Replication Through Removable Media

MITREへのリンク →

OilRig

Score: 0.56

Matched TTPs:

T1526 - Cloud Service Discovery
T1087.002 - Domain Account
T1556.009 - Conditional Access Policies
T1547.013 - XDG Autostart Entries
T1091 - Replication Through Removable Media
T1592.002 - Software
T1218.010 - Regsvr32

MITREへのリンク →

Leviathan

Score: 0.55

Matched TTPs:

T1087.002 - Domain Account
T1554 - Compromise Host Software Binary
T1546.017 - Udev Rules
T1547.013 - XDG Autostart Entries
T1087.004 - Cloud Account
T1546.016 - Installer Packages
T1059.012 - Hypervisor CLI
T1218.010 - Regsvr32

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Trojanized PuTTY Software

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ