Trusted Design

Darkhotel’s attacks in 2015

Overview

Darkhotel APT attacks dated 2014 and earlier are characterized by the misuse of stolen certificates, the deployment of .hta files with multiple techniques, and the use of unusual methods like the infiltration of hotel Wi-Fi to place backdoors in targets’ systems. In 2015, many of these techniques and activities remain in use. However, in addition to new variants of malicious .hta, we find new victims, .rar attachments with RTLO spearphishing, and the deployment of a 0day from Hacking Team. Kaspersky Labs' Global Research & Analysis Team

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Volt Typhoon

Score: 29.97
Matched TTPs:
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases
  • T1090.001 - Internal Proxy

APT28

Score: 56.20
Matched TTPs:
  • T1584.008 - Network Devices
  • T1025 - Data from Removable Media
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1557.004 - Evil Twin
  • T1595.002 - Vulnerability Scanning
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

ZIRCONIUM

Score: 15.23
Matched TTPs:
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information

Leviathan

Score: 13.90
Matched TTPs:
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

Mustard Tempest

Score: 11.05
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning

OilRig

Score: 20.15
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 18.10
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1027.015 - Compression

Turla

Score: 23.85
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1570 - Lateral Tool Transfer
  • T1090.001 - Internal Proxy

Kimsuky

Score: 32.83
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1102.001 - Dead Drop Resolver

FIN13

Score: 11.10
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy

Moonstone Sleet

Score: 17.81
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 5.94
Matched TTPs:
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information

Lazarus Group

Score: 26.40
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1070 - Indicator Removal
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1529 - System Shutdown/Reboot

Contagious Interview

Score: 31.98
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1204.005 - Malicious Library
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 14.46
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

LuminousMoth

Score: 4.92
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1588.002 - Tool

Sandworm Team

Score: 39.64
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

Salt Typhoon

Score: 7.45
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

APT29

Score: 21.20
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1562.008 - Disable or Modify Cloud Logs
  • T1566.003 - Spearphishing via Service

Play

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Aoqin Dragon

Score: 8.86
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

RedCurl

Score: 4.62
Matched TTPs:
  • T1587.001 - Malware
  • T1102 - Web Service

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Ke3chang

Score: 9.42
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036.002 - Right-to-Left Override
  • T1588.002 - Tool

Mustang Panda

Score: 31.24
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

TeamTNT

Score: 17.48
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1610 - Deploy Container
  • T1102 - Web Service

FIN7

Score: 21.33
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication

Velvet Ant

Score: 12.33
Matched TTPs:
  • T1040 - Network Sniffing
  • T1570 - Lateral Tool Transfer
  • T1090.001 - Internal Proxy
  • T1211 - Exploitation for Defense Evasion

APT33

Score: 5.38
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

DarkVishnya

Score: 8.42
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1200 - Hardware Additions

BRONZE BUTLER

Score: 15.57
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1036.002 - Right-to-Left Override
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1102.001 - Dead Drop Resolver

APT39

Score: 9.21
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy

Agrius

Score: 7.46
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1570 - Lateral Tool Transfer

APT38

Score: 6.04
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1529 - System Shutdown/Reboot

Molerats

Score: 4.72
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1027.015 - Compression

Darkhotel

Score: 3.06
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution

Earth Lusca

Score: 16.83
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1584.006 - Web Services

Storm-1811

Score: 13.90
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1570 - Lateral Tool Transfer
  • T1566.003 - Spearphishing via Service

MuddyWater

Score: 15.28
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

TA505

Score: 4.39
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1588.002 - Tool

Threat Group-3390

Score: 20.31
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

Winter Vivern

Score: 15.98
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services

menuPass

Score: 8.82
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool

BlackByte

Score: 7.25
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1570 - Lateral Tool Transfer

Cinnamon Tempest

Score: 3.89
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Rocke

Score: 8.85
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1102.001 - Dead Drop Resolver

Tropic Trooper

Score: 9.43
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Higaisa

Score: 9.14
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1090.001 - Internal Proxy
  • T1027.015 - Compression

TA2541

Score: 7.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027.015 - Compression

LazyScripter

Score: 8.69
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1583.006 - Web Services

Star Blizzard

Score: 9.73
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool

SideCopy

Score: 8.34
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery

BITTER

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution

APT32

Score: 13.27
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

HEXANE

Score: 7.97
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1518 - Software Discovery

Saint Bear

Score: 5.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

EXOTIC LILY

Score: 8.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.97
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1588.002 - Tool

Ember Bear

Score: 16.57
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

GOLD SOUTHFIELD

Score: 4.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1195.002 - Compromise Software Supply Chain

BlackTech

Score: 7.25
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036.002 - Right-to-Left Override
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Magic Hound

Score: 30.62
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016.002 - Wi-Fi Discovery
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1570 - Lateral Tool Transfer
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

Medusa Group

Score: 18.86
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC

Sea Turtle

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Fox Kitten

Score: 6.74
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1210 - Exploitation of Remote Services

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 4.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Volatile Cedar

Score: 8.19
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 4.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Dragonfly

Score: 19.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution

APT41

Score: 26.96
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1570 - Lateral Tool Transfer
  • T1213.003 - Code Repositories
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

HAFNIUM

Score: 15.71
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1593.003 - Code Repositories
  • T1592.004 - Client Configurations
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information

APT5

Score: 5.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1070 - Indicator Removal

Windshift

Score: 7.46
Matched TTPs:
  • T1036 - Masquerading
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

Aquatic Panda

Score: 3.44
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1588.002 - Tool

LAPSUS$

Score: 12.38
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1593.003 - Code Repositories
  • T1588.002 - Tool
  • T1213.003 - Code Repositories

Ferocious Kitten

Score: 4.29
Matched TTPs:
  • T1036.002 - Right-to-Left Override
  • T1588.002 - Tool

Scarlet Mimic

Score: 3.44
Matched TTPs:
  • T1036.002 - Right-to-Left Override

Inception

Score: 7.61
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

FIN6

Score: 5.90
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service

FIN8

Score: 3.37
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool

Confucius

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

POLONIUM

Score: 5.26
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

Sidewinder

Score: 7.86
Matched TTPs:
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Wizard Spider

Score: 5.83
Matched TTPs:
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Tonto Team

Score: 4.24
Matched TTPs:
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution

Scattered Spider

Score: 8.13
Matched TTPs:
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1213.003 - Code Repositories

Patchwork

Score: 5.63
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1102.001 - Dead Drop Resolver

Cobalt Group

Score: 5.27
Matched TTPs:
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution

Lotus Blossom

Score: 3.78
Matched TTPs:
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy

FIN10

Score: 3.08
Matched TTPs:
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Chimera

Score: 3.08
Matched TTPs:
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

CURIUM

Score: 6.14
Matched TTPs:
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Andariel

Score: 5.34
Matched TTPs:
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution

APT37

Score: 7.51
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1529 - System Shutdown/Reboot

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 7.06
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1090.001 - Internal Proxy

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.86
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1596 - Search Open Technical Databases
  • T1203 - Exploitation for Client Execution
  • T1584.008 - Network Devices
  • T1583.006 - Web Services
  • T1211 - Exploitation for Defense Evasion
  • T1557.004 - Evil Twin
  • T1102.002 - Bidirectional Communication
  • T1040 - Network Sniffing
  • T1669 - Wi-Fi Networks
  • T1595.002 - Vulnerability Scanning
  • T1598 - Phishing for Information
  • T1140 - Deobfuscate/Decode Files or Information
  • T1025 - Data from Removable Media
  • T1210 - Exploitation of Remote Services
  • T1036 - Masquerading
  • T1591 - Gather Victim Org Information
  • T1498 - Network Denial of Service
  • T1588.002 - Tool

Sandworm Team

Score: 0.61
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1190 - Exploit Public-Facing Application
  • T1040 - Network Sniffing
  • T1587.001 - Malware
  • T1591.002 - Business Relationships
  • T1593 - Search Open Websites/Domains
  • T1203 - Exploitation for Client Execution
  • T1036 - Masquerading
  • T1592.002 - Software
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1595.002 - Vulnerability Scanning
  • T1140 - Deobfuscate/Decode Files or Information
  • T1195.002 - Compromise Software Supply Chain
  • T1570 - Lateral Tool Transfer
  • T1195 - Supply Chain Compromise

Related CVEs

No CVEs were found for this Pulse.
