Trusted Design

APT on Taiwan - insight into advances of adversary TTPs

Summary

The summer months dawn on us and the financial year comes to a close. It is in the run-up to this time that most organisations see an increase in targeted attack activity. We begin by reading news of an attack against the Taiwanese Government. Whilst we would prefer to disassociate ourselves from APT attacks against governments, our interest was piqued by a particular blog written by our friends over at TrendMicro[1]. Several things struck us as both interesting and concerning about the details: a threat actor known to operate in South East Asia is now using Secure Sockets Layer (“SSL”) encryption in their malware. SSL is typically used to encrypt data between the client and the server, making the content unreadable by any system sitting between the two endpoints and significantly raising the cost of defence. Without SSL interception, traditional IDS/IPS systems could cease to detect compromised systems.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 34.48
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1560.003 - Archive via Custom Method
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1583.004 - Server
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1587 - Develop Capabilities
  • T1102.001 - Dead Drop Resolver

Sea Turtle

Score: 10.23
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1608.003 - Install Digital Certificate
  • T1071.001 - Web Protocols

Ember Bear

Score: 13.91
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1210 - Exploitation of Remote Services

Indrik Spider

Score: 5.87
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1584.004 - Server

Agrius

Score: 4.50
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application

Contagious Interview

Score: 29.70
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware
  • T1567 - Exfiltration Over Web Service
  • T1071.003 - Mail Protocols
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1587 - Develop Capabilities
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Sandworm Team

Score: 27.89
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.004 - Server
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1071.001 - Web Protocols
  • T1584.004 - Server

Star Blizzard

Score: 5.01
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware

FIN6

Score: 16.21
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1572 - Protocol Tunneling
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

CopyKittens

Score: 3.15
Matched TTPs:
  • T1560.003 - Archive via Custom Method

Mustang Panda

Score: 24.09
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1608.001 - Upload Malware
  • T1572 - Protocol Tunneling
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1001.003 - Protocol or Service Impersonation
  • T1071.001 - Web Protocols
  • T1027.007 - Dynamic API Resolution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

UNC3886

Score: 14.38
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1124 - System Time Discovery

Lotus Blossom

Score: 3.15
Matched TTPs:
  • T1560.003 - Archive via Custom Method

Lazarus Group

Score: 31.04
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1001.003 - Protocol or Service Impersonation
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1027.007 - Dynamic API Resolution
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1529 - System Shutdown/Reboot

Volt Typhoon

Score: 17.93
Matched TTPs:
  • T1584.008 - Network Devices
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1217 - Browser Information Discovery
  • T1584.004 - Server
  • T1124 - System Time Discovery

APT28

Score: 36.59
Matched TTPs:
  • T1584.008 - Network Devices
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1567 - Exfiltration Over Web Service
  • T1557.004 - Evil Twin
  • T1071.003 - Mail Protocols
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1102.002 - Bidirectional Communication
  • T1498 - Network Denial of Service
  • T1071.001 - Web Protocols
  • T1211 - Exploitation for Defense Evasion

ZIRCONIUM

Score: 10.62
Matched TTPs:
  • T1584.008 - Network Devices
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1124 - System Time Discovery

Leviathan

Score: 14.58
Matched TTPs:
  • T1584.008 - Network Devices
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1102.003 - One-Way Communication
  • T1584.004 - Server

HAFNIUM

Score: 8.52
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1071.001 - Web Protocols

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

Ke3chang

Score: 6.50
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1071.001 - Web Protocols

Velvet Ant

Score: 9.91
Matched TTPs:
  • T1040 - Network Sniffing
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion

Salt Typhoon

Score: 9.77
Matched TTPs:
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT33

Score: 6.97
Matched TTPs:
  • T1040 - Network Sniffing
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

Turla

Score: 24.59
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1071.003 - Mail Protocols
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1124 - System Time Discovery

TA2541

Score: 6.73
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography

Earth Lusca

Score: 17.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.004 - Server
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1584.006 - Web Services
  • T1584.004 - Server

LuminousMoth

Score: 3.16
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1071.001 - Web Protocols

Mustard Tempest

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.004 - Server

OilRig

Score: 13.70
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1572 - Protocol Tunneling
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

TeamTNT

Score: 9.82
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1048 - Exfiltration Over Alternative Protocol
  • T1071.001 - Web Protocols

LazyScripter

Score: 6.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1583.006 - Web Services

Gamaredon Group

Score: 14.23
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols

Threat Group-3390

Score: 7.38
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services
  • T1071.001 - Web Protocols

TA505

Score: 3.16
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1071.001 - Web Protocols

BlackByte

Score: 8.25
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1567 - Exfiltration Over Web Service
  • T1071.001 - Web Protocols

BITTER

Score: 6.78
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1573 - Encrypted Channel
  • T1071.001 - Web Protocols

APT32

Score: 17.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1550.003 - Pass the Ticket
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

HEXANE

Score: 4.37
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102.002 - Bidirectional Communication

Saint Bear

Score: 3.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

Moonstone Sleet

Score: 12.81
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1071.001 - Web Protocols
  • T1587 - Develop Capabilities
  • T1566.003 - Spearphishing via Service

FIN7

Score: 15.71
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1102.002 - Bidirectional Communication
  • T1124 - System Time Discovery

EXOTIC LILY

Score: 7.02
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.43
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Rocke

Score: 8.47
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1071.001 - Web Protocols
  • T1102.001 - Dead Drop Resolver

FIN13

Score: 7.70
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1657 - Financial Theft
  • T1071.001 - Web Protocols

Magic Hound

Score: 19.36
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1567 - Exfiltration Over Web Service
  • T1572 - Protocol Tunneling
  • T1583.006 - Web Services
  • T1573 - Encrypted Channel
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

Medusa Group

Score: 18.10
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

Storm-0501

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft

Fox Kitten

Score: 12.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1217 - Browser Information Discovery
  • T1102 - Web Service
  • T1210 - Exploitation of Remote Services

Cinnamon Tempest

Score: 6.52
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1572 - Protocol Tunneling
  • T1657 - Financial Theft

menuPass

Score: 4.22
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 4.76
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1583.004 - Server

Winter Vivern

Score: 10.82
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1071.001 - Web Protocols

APT29

Score: 13.47
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1573 - Encrypted Channel
  • T1566.003 - Spearphishing via Service

INC Ransom

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft

Dragonfly

Score: 7.05
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services
  • T1584.004 - Server

Axiom

Score: 6.01
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1001.002 - Steganography

APT41

Score: 5.94
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1071.001 - Web Protocols
  • T1102.001 - Dead Drop Resolver

Play

Score: 8.13
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1048 - Exfiltration Over Alternative Protocol

MuddyWater

Score: 9.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols

APT39

Score: 5.06
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

Chimera

Score: 9.59
Matched TTPs:
  • T1572 - Protocol Tunneling
  • T1217 - Browser Information Discovery
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery

Cobalt Group

Score: 6.46
Matched TTPs:
  • T1572 - Protocol Tunneling
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Scattered Spider

Score: 12.87
Matched TTPs:
  • T1572 - Protocol Tunneling
  • T1217 - Browser Information Discovery
  • T1657 - Financial Theft
  • T1538 - Cloud Service Dashboard

SilverTerrier

Score: 7.00
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1657 - Financial Theft
  • T1071.001 - Web Protocols

APT38

Score: 8.09
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

CURIUM

Score: 12.02
Matched TTPs:
  • T1583.004 - Server
  • T1584.006 - Web Services
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 10.91
Matched TTPs:
  • T1550.003 - Pass the Ticket
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery
  • T1102.001 - Dead Drop Resolver

RedCurl

Score: 6.46
Matched TTPs:
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Inception

Score: 3.71
Matched TTPs:
  • T1102 - Web Service
  • T1071.001 - Web Protocols

FIN8

Score: 9.20
Matched TTPs:
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Confucius

Score: 3.20
Matched TTPs:
  • T1583.006 - Web Services
  • T1071.001 - Web Protocols

POLONIUM

Score: 4.41
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication

Wizard Spider

Score: 6.68
Matched TTPs:
  • T1210 - Exploitation of Remote Services
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Tropic Trooper

Score: 7.56
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

APT37

Score: 7.21
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

RedEcho

Score: 3.93
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Higaisa

Score: 7.62
Matched TTPs:
  • T1001.003 - Protocol or Service Impersonation
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery

Dark Caracal

Score: 3.71
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 4.02
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1584.004 - Server

Sidewinder

Score: 3.78
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery

Windshift

Score: 3.71
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

PLATINUM

Score: 4.54
Matched TTPs:
  • T1056.004 - Credential API Hooking

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Patchwork

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.81
Matched TTPs:
  • T1584.008 - Network Devices
  • T1071.001 - Web Protocols
  • T1210 - Exploitation of Remote Services
  • T1211 - Exploitation for Defense Evasion
  • T1567 - Exfiltration Over Web Service
  • T1102.002 - Bidirectional Communication
  • T1557.004 - Evil Twin
  • T1583.006 - Web Services
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1498 - Network Denial of Service

Kimsuky

Score: 0.78
Matched TTPs:
  • T1102.001 - Dead Drop Resolver
  • T1560.003 - Archive via Custom Method
  • T1071.001 - Web Protocols
  • T1102.002 - Bidirectional Communication
  • T1583.006 - Web Services
  • T1587 - Develop Capabilities
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1583.004 - Server
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft

Lazarus Group

Score: 0.69
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1566.003 - Spearphishing via Service
  • T1124 - System Time Discovery
  • T1102.002 - Bidirectional Communication
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1583.006 - Web Services
  • T1001.003 - Protocol or Service Impersonation
  • T1529 - System Shutdown/Reboot
  • T1027.007 - Dynamic API Resolution

Contagious Interview

Score: 0.68
Matched TTPs:
  • T1566.003 - Spearphishing via Service
  • T1567 - Exfiltration Over Web Service
  • T1681 - Search Threat Vendor Data
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1583.006 - Web Services
  • T1587 - Develop Capabilities
  • T1071.003 - Mail Protocols
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft

Sandworm Team

Score: 0.64
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1499 - Endpoint Denial of Service
  • T1102.002 - Bidirectional Communication
  • T1491.002 - External Defacement
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1583.004 - Server
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware

Turla

Score: 0.60
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1584.003 - Virtual Private Server
  • T1124 - System Time Discovery
  • T1102.002 - Bidirectional Communication
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1102 - Web Service
  • T1071.003 - Mail Protocols

Mustang Panda

Score: 0.58
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1583.006 - Web Services
  • T1001.003 - Protocol or Service Impersonation
  • T1572 - Protocol Tunneling
  • T1102 - Web Service
  • T1027.007 - Dynamic API Resolution
  • T1608.001 - Upload Malware

Related CVEs

No CVEs were found for this Pulse.
