Trusted Design

Winnti is now targeting pharmaceutical companies

概要

For a long time the Winnti group had been considered as a Chinese threat actor targeting gaming companies specifically. Recently, we’ve seen information indicating that the scope of targets can be wider and is no longer limited to the entertainment business. We actually track samples of Winnti malware all the time, but so far we haven’t been able to catch one with solid clues indicating other targeted industries. Also our visibility as a vendor does not cover every company in the world (at least so far ;)) and the Kaspersky Security Network (KSN) did not reveal other attacks except those against gaming companies. Well, sometimes targeted entities have included telecommunication companies, or better, large holdings, but it seems that at least one of their businesses was in some way related to the production or distribution of computer games.

Created: 2026-02-23

Indicators

類似Pulses

An Update on Winnti (score: 0.57)
Multiple Malwares used to Target an Asian Financial Institution (score: 0.51)
Threat Group-3390 Targets Organizations for Cyberespionage (score: 0.51)
TrendLabs: Spam Campaign Delivers Cross-platform Remote Access Trojan Adwind (score: 0.50)
Operation C-Major actors used Mobile Spyware Against Targets (score: 0.50)

このPulseに関連する脅威アクター (事実ベース)

APT28

Score: 18.35

Matched TTPs:

T1070.006 - Timestomp
T1102.002 - Bidirectional Communication
T1498 - Network Denial of Service
T1669 - Wi-Fi Networks
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

UNC3886

Score: 11.24

Matched TTPs:

T1070.006 - Timestomp
T1588.001 - Malware
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

APT32

Score: 5.49

Matched TTPs:

T1070.006 - Timestomp
T1218.010 - Regsvr32

MITREへのリンク →

Kimsuky

Score: 7.89

Matched TTPs:

T1070.006 - Timestomp
T1218.010 - Regsvr32
T1102.002 - Bidirectional Communication

MITREへのリンク →

APT29

Score: 5.27

Matched TTPs:

T1070.006 - Timestomp
T1566.003 - Spearphishing via Service

MITREへのリンク →

Chimera

Score: 5.34

Matched TTPs:

T1070.006 - Timestomp
T1124 - System Time Discovery

MITREへのリンク →

Lazarus Group

Score: 17.83

Matched TTPs:

T1070.006 - Timestomp
T1102.002 - Bidirectional Communication
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Mustang Panda

Score: 6.88

Matched TTPs:

T1070.006 - Timestomp
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Turla

Score: 7.45

Matched TTPs:

T1588.001 - Malware
T1102.002 - Bidirectional Communication
T1124 - System Time Discovery

MITREへのリンク →

Scattered Spider

Score: 7.00

Matched TTPs:

T1588.001 - Malware
T1538 - Cloud Service Dashboard

MITREへのリンク →

APT33

Score: 4.13

Matched TTPs:

T1552.006 - Group Policy Preferences

MITREへのリンク →

Wizard Spider

Score: 4.13

Matched TTPs:

T1552.006 - Group Policy Preferences

MITREへのリンク →

Cobalt Group

Score: 5.67

Matched TTPs:

T1218.010 - Regsvr32
T1195.002 - Compromise Software Supply Chain

MITREへのリンク →

APT41

Score: 6.37

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1008 - Fallback Channels

MITREへのリンク →

Sandworm Team

Score: 5.33

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1102.002 - Bidirectional Communication

MITREへのリンク →

Moonstone Sleet

Score: 5.45

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN7

Score: 11.36

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1102.002 - Bidirectional Communication
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

Magic Hound

Score: 4.92

Matched TTPs:

T1102.002 - Bidirectional Communication
T1566.003 - Spearphishing via Service

MITREへのリンク →

ZIRCONIUM

Score: 4.99

Matched TTPs:

T1102.002 - Bidirectional Communication
T1124 - System Time Discovery

MITREへのリンク →

OilRig

Score: 5.96

Matched TTPs:

T1008 - Fallback Channels
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.80

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1566.003 - Spearphishing via Service
T1070.006 - Timestomp
T1008 - Fallback Channels
T1124 - System Time Discovery
T1102.002 - Bidirectional Communication

MITREへのリンク →

APT28

Score: 0.78

Matched TTPs:

T1498 - Network Denial of Service
T1070.006 - Timestomp
T1669 - Wi-Fi Networks
T1102.002 - Bidirectional Communication
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

FIN7

Score: 0.59

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1008 - Fallback Channels
T1124 - System Time Discovery
T1102.002 - Bidirectional Communication

MITREへのリンク →

UNC3886

Score: 0.55

Matched TTPs:

T1070.006 - Timestomp
T1588.001 - Malware
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る