Trusted Design

UPS: Observations on CVE-2015-3113

概要

A June 23 FireEye blog post titled “Operation Clandestine Wolf” discussed a cyber espionage group, known as APT3, that had been exploiting a zero-day vulnerability in Adobe Flash. Unit 42 also tracks the APT3 group using the name UPS, which is an intrusion set with Chinese origins that is known for having early access to zero-day vulnerabilities and delivering a backdoor called Pirpi.

Created: 2026-02-23

Indicators

類似Pulses

APT Group UPS Targets US Government with HT Flash Exploit (score: 0.78)
Operation Clandestine Wolf – Adobe Flash Zero-Day APT3 Phishing (score: 0.72)
Multiple Chinese APT Groups Quickly Use Flash Zero-Day (score: 0.71)
Operation RussianDoll (score: 0.65)
An analysis of exploit supply chains and digital quartermasters (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 9.65

Matched TTPs:

T1564.008 - Email Hiding Rules
T1070.009 - Clear Persistence
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 9.36

Matched TTPs:

T1564.008 - Email Hiding Rules
T1686.003 - Windows Host Firewall
T1070.009 - Clear Persistence

MITREへのリンク →

Volt Typhoon

Score: 8.51

Matched TTPs:

T1686.003 - Windows Host Firewall
T1057 - Process Discovery
T1070.009 - Clear Persistence

MITREへのリンク →

Storm-0501

Score: 8.69

Matched TTPs:

T1686.003 - Windows Host Firewall
T1588.001 - Malware
T1027.014 - Polymorphic Code

MITREへのリンク →

UNC3886

Score: 7.61

Matched TTPs:

T1021.006 - Windows Remote Management
T1588.001 - Malware
T1070.009 - Clear Persistence

MITREへのリンク →

Contagious Interview

Score: 5.51

Matched TTPs:

T1021.006 - Windows Remote Management
T1070.009 - Clear Persistence

MITREへのリンク →

APT29

Score: 5.23

Matched TTPs:

T1592.004 - Client Configurations
T1070.009 - Clear Persistence

MITREへのリンク →

APT32

Score: 10.07

Matched TTPs:

T1592.004 - Client Configurations
T1588.001 - Malware
T1027.014 - Polymorphic Code
T1070.009 - Clear Persistence

MITREへのリンク →

BRONZE BUTLER

Score: 5.23

Matched TTPs:

T1592.004 - Client Configurations
T1070.009 - Clear Persistence

MITREへのリンク →

Aquatic Panda

Score: 3.48

Matched TTPs:

T1588.001 - Malware
T1070.009 - Clear Persistence

MITREへのリンク →

Kimsuky

Score: 13.64

Matched TTPs:

T1588.001 - Malware
T1057 - Process Discovery
T1027.014 - Polymorphic Code
T1070.009 - Clear Persistence
T1003.003 - NTDS

MITREへのリンク →

FIN7

Score: 5.38

Matched TTPs:

T1588.001 - Malware
T1057 - Process Discovery

MITREへのリンク →

Wizard Spider

Score: 7.61

Matched TTPs:

T1588.001 - Malware
T1567.001 - Exfiltration to Code Repository
T1070.009 - Clear Persistence

MITREへのリンク →

FIN6

Score: 6.22

Matched TTPs:

T1588.001 - Malware
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

Magic Hound

Score: 3.48

Matched TTPs:

T1588.001 - Malware
T1070.009 - Clear Persistence

MITREへのリンク →

Lazarus Group

Score: 6.76

Matched TTPs:

T1588.001 - Malware
T1057 - Process Discovery
T1070.009 - Clear Persistence

MITREへのリンク →

APT41

Score: 3.48

Matched TTPs:

T1588.001 - Malware
T1070.009 - Clear Persistence

MITREへのリンク →

APT33

Score: 4.13

Matched TTPs:

T1567.001 - Exfiltration to Code Repository

MITREへのリンク →

APT28

Score: 9.20

Matched TTPs:

T1057 - Process Discovery
T1070.009 - Clear Persistence
T1546.007 - Netsh Helper DLL

MITREへのリンク →

Moonstone Sleet

Score: 3.29

Matched TTPs:

T1057 - Process Discovery

MITREへのリンク →

Cobalt Group

Score: 6.87

Matched TTPs:

T1027.014 - Polymorphic Code
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

Tropic Trooper

Score: 4.13

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

RedCurl

Score: 4.13

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

Medusa Group

Score: 4.13

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

OilRig

Score: 4.13

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

FIN8

Score: 4.13

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.82

Matched TTPs:

T1027.014 - Polymorphic Code
T1588.001 - Malware
T1057 - Process Discovery
T1003.003 - NTDS
T1070.009 - Clear Persistence

MITREへのリンク →

APT32

Score: 0.68

Matched TTPs:

T1027.014 - Polymorphic Code
T1592.004 - Client Configurations
T1588.001 - Malware
T1070.009 - Clear Persistence

MITREへのリンク →

APT28

Score: 0.63

Matched TTPs:

T1070.009 - Clear Persistence
T1546.007 - Netsh Helper DLL
T1057 - Process Discovery

MITREへのリンク →

Sandworm Team

Score: 0.62

Matched TTPs:

T1070.009 - Clear Persistence
T1564.008 - Email Hiding Rules
T1686.003 - Windows Host Firewall

MITREへのリンク →

Ember Bear

Score: 0.61

Matched TTPs:

T1003.003 - NTDS
T1070.009 - Clear Persistence
T1564.008 - Email Hiding Rules

MITREへのリンク →

Storm-0501

Score: 0.58

Matched TTPs:

T1027.014 - Polymorphic Code
T1588.001 - Malware
T1686.003 - Windows Host Firewall

MITREへのリンク →

Volt Typhoon

Score: 0.56

Matched TTPs:

T1070.009 - Clear Persistence
T1057 - Process Discovery
T1686.003 - Windows Host Firewall

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る