Trusted Design

APT on Taiwan - insight into advances of adversary TTPs

Overview

The summer months dawn on us and the financial year comes to a close. It is in the run-up to this time that most organisations see an increase in targeted attack activity. We begin by reading news of an attack against the Taiwanese Government. Whilst we would prefer to disassociate ourselves from APT attacks against governments, our interest was piqued by a particular blog written by our friends over at TrendMicro[1]. Several things struck us as both interesting and concerning about the details: a threat actor known to operate in South East Asia is now using Secure Sockets Layer (“SSL”) encryption in their malware. SSL is typically used to encrypt data between the client and the server, making the content unreadable by any system sitting between the two endpoints and significantly raising the cost of defence. Without SSL interception, traditional IDS/IPS systems could cease to detect compromised systems.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 34.48
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1131 - Authentication Package
  • T1557.003 - DHCP Spoofing
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption
  • T1126 - Network Share Connection Removal
  • T1008 - Fallback Channels

Sea Turtle

Score: 10.23
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1685 - Disable or Modify Tools
  • T1556.005 - Reversible Encryption

Ember Bear

Score: 13.91
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1059.001 - PowerShell

Indrik Spider

Score: 5.87
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1546.016 - Installer Packages

Agrius

Score: 4.50
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1140 - Deobfuscate/Decode Files or Information

Contagious Interview

Score: 29.70
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1091 - Replication Through Removable Media
  • T1586.003 - Cloud Accounts
  • T1131 - Authentication Package
  • T1021.006 - Windows Remote Management
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1126 - Network Share Connection Removal
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

Sandworm Team

Score: 27.89
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1557.003 - DHCP Spoofing
  • T1547.002 - Authentication Package
  • T1075 - Pass the Hash
  • T1556.005 - Reversible Encryption
  • T1546.016 - Installer Packages

Star Blizzard

Score: 5.01
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1091 - Replication Through Removable Media

FIN6

Score: 16.21
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1062 - Hypervisor
  • T1612 - Build Image on Host
  • T1128 - Netsh Helper DLL
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

CopyKittens

Score: 3.15
Matched TTPs:
  • T1016.001 - Internet Connection Discovery

Mustang Panda

Score: 24.09
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1091 - Replication Through Removable Media
  • T1062 - Hypervisor
  • T1612 - Build Image on Host
  • T1608.005 - Link Target
  • T1567.002 - Exfiltration to Cloud Storage
  • T1556.005 - Reversible Encryption
  • T1055.005 - Thread Local Storage
  • T1556 - Modify Authentication Process

UNC3886

Score: 14.38
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1140 - Deobfuscate/Decode Files or Information
  • T1021.006 - Windows Remote Management
  • T1578.001 - Create Snapshot

Lotus Blossom

Score: 3.15
Matched TTPs:
  • T1016.001 - Internet Connection Discovery

Lazarus Group

Score: 31.04
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1567.002 - Exfiltration to Cloud Storage
  • T1556.005 - Reversible Encryption
  • T1546.016 - Installer Packages
  • T1055.005 - Thread Local Storage
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process
  • T1216 - System Script Proxy Execution

Volt Typhoon

Score: 17.93
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1176 - Software Extensions
  • T1140 - Deobfuscate/Decode Files or Information
  • T1491 - Defacement
  • T1546.016 - Installer Packages
  • T1578.001 - Create Snapshot

APT28

Score: 36.59
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1583.005 - Botnet
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.003 - Cloud Accounts
  • T1139 - Bash History
  • T1131 - Authentication Package
  • T1608.005 - Link Target
  • T1059.001 - PowerShell
  • T1547.002 - Authentication Package
  • T1146 - Clear Command History
  • T1556.005 - Reversible Encryption
  • T1566.003 - Spearphishing via Service

ZIRCONIUM

Score: 10.62
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1578.001 - Create Snapshot

Leviathan

Score: 14.58
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1554 - Compromise Host Software Binary
  • T1546.016 - Installer Packages

HAFNIUM

Score: 8.52
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.005 - Link Target
  • T1556.005 - Reversible Encryption

APT5

Score: 5.31
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information

Ke3chang

Score: 6.50
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1140 - Deobfuscate/Decode Files or Information
  • T1556.005 - Reversible Encryption

Velvet Ant

Score: 9.91
Matched TTPs:
  • T1583.005 - Botnet
  • T1128 - Netsh Helper DLL
  • T1566.003 - Spearphishing via Service

Salt Typhoon

Score: 9.77
Matched TTPs:
  • T1583.005 - Botnet
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1556 - Modify Authentication Process

APT33

Score: 6.97
Matched TTPs:
  • T1583.005 - Botnet
  • T1556.005 - Reversible Encryption
  • T1556 - Modify Authentication Process

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

Turla

Score: 24.59
Matched TTPs:
  • T1176 - Software Extensions
  • T1131 - Authentication Package
  • T1612 - Build Image on Host
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption
  • T1546.016 - Installer Packages
  • T1578.001 - Create Snapshot

TA2541

Score: 6.73
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1128 - Netsh Helper DLL

Earth Lusca

Score: 17.94
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1557.003 - DHCP Spoofing
  • T1608.005 - Link Target
  • T1059.001 - PowerShell
  • T1218.001 - Compiled HTML File
  • T1546.016 - Installer Packages

LuminousMoth

Score: 3.16
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption

Mustard Tempest

Score: 5.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1557.003 - DHCP Spoofing

OilRig

Score: 13.70
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1062 - Hypervisor
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process

TeamTNT

Score: 9.82
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1142 - Keychain
  • T1556.005 - Reversible Encryption

LazyScripter

Score: 6.51
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1608.005 - Link Target

Gamaredon Group

Score: 14.23
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1608.005 - Link Target
  • T1554 - Compromise Host Software Binary
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption

Threat Group-3390

Score: 7.38
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.001 - PowerShell
  • T1556.005 - Reversible Encryption

TA505

Score: 3.16
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption

BlackByte

Score: 8.25
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.003 - Cloud Accounts
  • T1556.005 - Reversible Encryption

BITTER

Score: 6.78
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1683 - Generate Content
  • T1556.005 - Reversible Encryption

APT32

Score: 17.57
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1131 - Authentication Package
  • T1592.004 - Client Configurations
  • T1612 - Build Image on Host
  • T1608.005 - Link Target
  • T1556.005 - Reversible Encryption
  • T1556 - Modify Authentication Process

HEXANE

Score: 4.37
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1547.002 - Authentication Package

Saint Bear

Score: 3.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target

Moonstone Sleet

Score: 12.81
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1491 - Defacement
  • T1556.005 - Reversible Encryption
  • T1126 - Network Share Connection Removal
  • T1547.008 - LSASS Driver

FIN7

Score: 15.71
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1608.005 - Link Target
  • T1059.001 - PowerShell
  • T1547.002 - Authentication Package
  • T1578.001 - Create Snapshot

EXOTIC LILY

Score: 7.02
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1547.008 - LSASS Driver

APT42

Score: 8.43
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption

Rocke

Score: 8.47
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1612 - Build Image on Host
  • T1556.005 - Reversible Encryption
  • T1008 - Fallback Channels

FIN13

Score: 7.70
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1552.003 - Shell History
  • T1556.005 - Reversible Encryption

Magic Hound

Score: 19.36
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1586.003 - Cloud Accounts
  • T1062 - Hypervisor
  • T1608.005 - Link Target
  • T1683 - Generate Content
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption
  • T1547.008 - LSASS Driver

Medusa Group

Score: 18.10
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1128 - Netsh Helper DLL
  • T1598 - Phishing for Information
  • T1556.005 - Reversible Encryption
  • T1216 - System Script Proxy Execution

Storm-0501

Score: 3.99
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552.003 - Shell History

Fox Kitten

Score: 12.55
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1491 - Defacement
  • T1612 - Build Image on Host
  • T1059.001 - PowerShell

Cinnamon Tempest

Score: 6.52
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1062 - Hypervisor
  • T1552.003 - Shell History

menuPass

Score: 4.22
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.001 - PowerShell

ToddyCat

Score: 3.99
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.008 - LSASS Driver

GALLIUM

Score: 4.76
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1557.003 - DHCP Spoofing

Winter Vivern

Score: 10.82
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1548 - Abuse Elevation Control Mechanism
  • T1218.001 - Compiled HTML File
  • T1556.005 - Reversible Encryption

APT29

Score: 13.47
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1592.004 - Client Configurations
  • T1608.005 - Link Target
  • T1683 - Generate Content
  • T1547.008 - LSASS Driver

INC Ransom

Score: 3.99
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552.003 - Shell History

Dragonfly

Score: 7.05
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.001 - PowerShell
  • T1546.016 - Installer Packages

Axiom

Score: 6.01
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1160 - Launch Daemon

APT41

Score: 5.94
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1556.005 - Reversible Encryption
  • T1008 - Fallback Channels

Play

Score: 8.13
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552.003 - Shell History
  • T1142 - Keychain

MuddyWater

Score: 9.81
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.005 - Link Target
  • T1059.001 - PowerShell
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption

APT39

Score: 5.06
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking

Chimera

Score: 9.59
Matched TTPs:
  • T1062 - Hypervisor
  • T1491 - Defacement
  • T1556.005 - Reversible Encryption
  • T1578.001 - Create Snapshot

Cobalt Group

Score: 6.46
Matched TTPs:
  • T1062 - Hypervisor
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption

Scattered Spider

Score: 12.87
Matched TTPs:
  • T1062 - Hypervisor
  • T1491 - Defacement
  • T1552.003 - Shell History
  • T1027.002 - Software Packing

SilverTerrier

Score: 7.00
Matched TTPs:
  • T1131 - Authentication Package
  • T1552.003 - Shell History
  • T1556.005 - Reversible Encryption

APT38

Score: 8.09
Matched TTPs:
  • T1491 - Defacement
  • T1556.005 - Reversible Encryption
  • T1216 - System Script Proxy Execution

CURIUM

Score: 12.02
Matched TTPs:
  • T1557.003 - DHCP Spoofing
  • T1218.001 - Compiled HTML File
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver

BRONZE BUTLER

Score: 10.91
Matched TTPs:
  • T1592.004 - Client Configurations
  • T1556.005 - Reversible Encryption
  • T1578.001 - Create Snapshot
  • T1008 - Fallback Channels

RedCurl

Score: 6.46
Matched TTPs:
  • T1612 - Build Image on Host
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption

Inception

Score: 3.71
Matched TTPs:
  • T1612 - Build Image on Host
  • T1556.005 - Reversible Encryption

FIN8

Score: 9.20
Matched TTPs:
  • T1612 - Build Image on Host
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption
  • T1556 - Modify Authentication Process

Confucius

Score: 3.20
Matched TTPs:
  • T1608.005 - Link Target
  • T1556.005 - Reversible Encryption

POLONIUM

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package

Wizard Spider

Score: 6.68
Matched TTPs:
  • T1059.001 - PowerShell
  • T1556.005 - Reversible Encryption
  • T1556 - Modify Authentication Process

Tropic Trooper

Score: 7.56
Matched TTPs:
  • T1683 - Generate Content
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption

APT37

Score: 7.21
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1556.005 - Reversible Encryption
  • T1216 - System Script Proxy Execution

RedEcho

Score: 3.93
Matched TTPs:
  • T1128 - Netsh Helper DLL
  • T1556.005 - Reversible Encryption

Higaisa

Score: 7.62
Matched TTPs:
  • T1567.002 - Exfiltration to Cloud Storage
  • T1556.005 - Reversible Encryption
  • T1578.001 - Create Snapshot

Dark Caracal

Score: 3.71
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1547.008 - LSASS Driver

Daggerfly

Score: 4.02
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1546.016 - Installer Packages

Sidewinder

Score: 3.78
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1578.001 - Create Snapshot

Windshift

Score: 3.71
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1547.008 - LSASS Driver

PLATINUM

Score: 4.54
Matched TTPs:
  • T1686 - Disable or Modify System Firewall

RTM

Score: 3.29
Matched TTPs:
  • T1008 - Fallback Channels

Patchwork

Score: 3.29
Matched TTPs:
  • T1008 - Fallback Channels

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.81
Matched TTPs:
  • T1566.003 - Spearphishing via Service
  • T1547.002 - Authentication Package
  • T1586.003 - Cloud Accounts
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.001 - PowerShell
  • T1556.005 - Reversible Encryption
  • T1583.005 - Botnet
  • T1608.005 - Link Target
  • T1685.001 - Disable or Modify Windows Event Log
  • T1131 - Authentication Package
  • T1139 - Bash History
  • T1146 - Clear Command History

Kimsuky

Score: 0.78
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1140 - Deobfuscate/Decode Files or Information
  • T1091 - Replication Through Removable Media
  • T1126 - Network Share Connection Removal
  • T1033 - System Owner/User Discovery
  • T1556.005 - Reversible Encryption
  • T1583.005 - Botnet
  • T1016.001 - Internet Connection Discovery
  • T1608.005 - Link Target
  • T1008 - Fallback Channels
  • T1131 - Authentication Package
  • T1552.003 - Shell History
  • T1557.003 - DHCP Spoofing

Lazarus Group

Score: 0.69
Matched TTPs:
  • T1567.002 - Exfiltration to Cloud Storage
  • T1055.005 - Thread Local Storage
  • T1547.002 - Authentication Package
  • T1547.008 - LSASS Driver
  • T1578.001 - Create Snapshot
  • T1216 - System Script Proxy Execution
  • T1556.005 - Reversible Encryption
  • T1608.005 - Link Target
  • T1016.001 - Internet Connection Discovery
  • T1546.016 - Installer Packages
  • T1556 - Modify Authentication Process

Contagious Interview

Score: 0.68
Matched TTPs:
  • T1586.003 - Cloud Accounts
  • T1091 - Replication Through Removable Media
  • T1126 - Network Share Connection Removal
  • T1547.008 - LSASS Driver
  • T1021.006 - Windows Remote Management
  • T1033 - System Owner/User Discovery
  • T1608.005 - Link Target
  • T1131 - Authentication Package
  • T1552.003 - Shell History
  • T1556 - Modify Authentication Process

Sandworm Team

Score: 0.64
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1547.002 - Authentication Package
  • T1140 - Deobfuscate/Decode Files or Information
  • T1091 - Replication Through Removable Media
  • T1075 - Pass the Hash
  • T1033 - System Owner/User Discovery
  • T1556.005 - Reversible Encryption
  • T1583.005 - Botnet
  • T1546.016 - Installer Packages
  • T1557.003 - DHCP Spoofing

Turla

Score: 0.60
Matched TTPs:
  • T1218.001 - Compiled HTML File
  • T1547.002 - Authentication Package
  • T1612 - Build Image on Host
  • T1176 - Software Extensions
  • T1578.001 - Create Snapshot
  • T1556.005 - Reversible Encryption
  • T1608.005 - Link Target
  • T1546.016 - Installer Packages
  • T1131 - Authentication Package

Mustang Panda

Score: 0.58
Matched TTPs:
  • T1567.002 - Exfiltration to Cloud Storage
  • T1055.005 - Thread Local Storage
  • T1062 - Hypervisor
  • T1091 - Replication Through Removable Media
  • T1612 - Build Image on Host
  • T1556.005 - Reversible Encryption
  • T1608.005 - Link Target
  • T1016.001 - Internet Connection Discovery
  • T1556 - Modify Authentication Process

Related CVEs

No CVEs were found for this Pulse.
