Pulse Detail-

Signed Dridex Campaign

概要

Malware authors use various means to make their malware look similar to legitimate software. One such approach involves signing a malware sample with a digital certificate. Recently we saw Dridex malware authors using this technique while reviewing the samples in our Cloud Sandbox. Dridex is a banking Trojan which typically arrives to a system via malicious spam email with a Microsoft Office file as an attachment. These files will have embedded macros that lead to the download and installation of the Dridex Trojan. Dridex then attempts to steal the victim's banking credentials and system information.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

New Dridex infection vector identified (score: 0.79)
Drixed / Dridex - Sophisticated Banking Malware (score: 0.77)
Banking Malware Dridex Arrives via Phishing Email (score: 0.73)
Banking Trojan DRIDEX (score: 0.70)
Dridex actors distributing the Shifu banking Trojan (score: 0.70)

このPulseに関連する脅威アクター (事実ベース)

Lazarus Group

Score: 30.28

Matched TTPs:

T1132.001 - Standard Encoding
T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1070.008 - Clear Mailbox Data
T1199 - Trusted Relationship
T1567.002 - Exfiltration to Cloud Storage
T1055.005 - Thread Local Storage
T1578.001 - Create Snapshot
T1216 - System Script Proxy Execution

MITREへのリンク →

TA577

Score: 5.20

Matched TTPs:

T1132.001 - Standard Encoding
T1027.018 - Invisible Unicode

MITREへのリンク →

Moonstone Sleet

Score: 11.14

Matched TTPs:

T1132.001 - Standard Encoding
T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media

MITREへのリンク →

Mustard Tempest

Score: 7.87

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Kimsuky

Score: 26.22

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1001 - Data Obfuscation
T1526 - Cloud Service Discovery
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN13

Score: 7.04

Matched TTPs:

T1606.002 - SAML Tokens
T1059.010 - AutoHotKey & AutoIT
T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Contagious Interview

Score: 17.97

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1064 - Scripting
T1552.003 - Shell History
T1199 - Trusted Relationship
T1221 - Template Injection
T1027.018 - Invisible Unicode

MITREへのリンク →

OilRig

Score: 22.06

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1027.018 - Invisible Unicode

MITREへのリンク →

UNC3886

Score: 7.15

Matched TTPs:

T1606.002 - SAML Tokens
T1136.002 - Domain Account
T1578.001 - Create Snapshot

MITREへのリンク →

LuminousMoth

Score: 10.67

Matched TTPs:

T1606.002 - SAML Tokens
T1103 - AppInit DLLs
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

Sandworm Team

Score: 13.35

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

APT29

Score: 19.94

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1592.004 - Client Configurations
T1568 - Dynamic Resolution
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode
T1021.001 - Remote Desktop Protocol
T1490 - Inhibit System Recovery

MITREへのリンク →

Play

Score: 8.13

Matched TTPs:

T1606.002 - SAML Tokens
T1552.003 - Shell History
T1199 - Trusted Relationship
T1490 - Inhibit System Recovery

MITREへのリンク →

Aoqin Dragon

Score: 3.73

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

RedCurl

Score: 9.25

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1574.010 - Services File Permissions Weakness
T1027.018 - Invisible Unicode

MITREへのリンク →

Moses Staff

Score: 4.88

Matched TTPs:

T1606.002 - SAML Tokens
T1103 - AppInit DLLs
T1199 - Trusted Relationship

MITREへのリンク →

Turla

Score: 17.21

Matched TTPs:

T1606.002 - SAML Tokens
T1059.010 - AutoHotKey & AutoIT
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies
T1027.018 - Invisible Unicode
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Ke3chang

Score: 7.44

Matched TTPs:

T1606.002 - SAML Tokens
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Mustang Panda

Score: 22.57

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1567.002 - Exfiltration to Cloud Storage
T1526 - Cloud Service Discovery
T1055.005 - Thread Local Storage
T1027.018 - Invisible Unicode

MITREへのリンク →

TeamTNT

Score: 5.64

Matched TTPs:

T1606.002 - SAML Tokens
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media

MITREへのリンク →

FIN7

Score: 21.24

Matched TTPs:

T1606.002 - SAML Tokens
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1011.001 - Exfiltration Over Bluetooth
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Malteiro

Score: 5.75

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1552.003 - Shell History

MITREへのリンク →

Machete

Score: 6.31

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1685.002 - Disable or Modify Cloud Log
T1027.018 - Invisible Unicode

MITREへのリンク →

Elderwood

Score: 3.02

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1027.018 - Invisible Unicode

MITREへのリンク →

Transparent Tribe

Score: 3.02

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1027.018 - Invisible Unicode

MITREへのリンク →

WIRTE

Score: 4.08

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship

MITREへのリンク →

CURIUM

Score: 4.25

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1578.001 - Create Snapshot

MITREへのリンク →

Tropic Trooper

Score: 5.90

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1490 - Inhibit System Recovery

MITREへのリンク →

menuPass

Score: 9.17

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1001 - Data Obfuscation

MITREへのリンク →

HEXANE

Score: 3.61

Matched TTPs:

T1087.002 - Domain Account
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship

MITREへのリンク →

FIN8

Score: 7.02

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1199 - Trusted Relationship
T1526 - Cloud Service Discovery
T1027.018 - Invisible Unicode

MITREへのリンク →

Threat Group-3390

Score: 15.51

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1001 - Data Obfuscation
T1526 - Cloud Service Discovery
T1546.017 - Udev Rules

MITREへのリンク →

BITTER

Score: 4.48

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship

MITREへのリンク →

APT37

Score: 9.42

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1078 - Valid Accounts
T1216 - System Script Proxy Execution

MITREへのリンク →

LazyScripter

Score: 7.45

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

PROMETHIUM

Score: 9.23

Matched TTPs:

T1087.002 - Domain Account
T1103 - AppInit DLLs
T1530 - Data from Cloud Storage
T1490 - Inhibit System Recovery

MITREへのリンク →

TA505

Score: 15.09

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1685.002 - Disable or Modify Cloud Log
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

APT39

Score: 5.44

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

Star Blizzard

Score: 4.48

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship

MITREへのリンク →

Higaisa

Score: 12.82

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1567.002 - Exfiltration to Cloud Storage
T1578.001 - Create Snapshot
T1546.017 - Udev Rules

MITREへのリンク →

Rancor

Score: 4.95

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1685.002 - Disable or Modify Cloud Log

MITREへのリンク →

Wizard Spider

Score: 12.58

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN4

Score: 7.16

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1574.010 - Services File Permissions Weakness
T1027.018 - Invisible Unicode

MITREへのリンク →

Cobalt Group

Score: 3.87

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

Storm-1811

Score: 3.21

Matched TTPs:

T1087.002 - Domain Account
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship

MITREへのリンク →

EXOTIC LILY

Score: 5.00

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Saint Bear

Score: 10.78

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1091 - Replication Through Removable Media
T1064 - Scripting
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN6

Score: 4.45

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1199 - Trusted Relationship

MITREへのリンク →

Patchwork

Score: 12.80

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1530 - Data from Cloud Storage
T1199 - Trusted Relationship
T1001 - Data Obfuscation
T1027.018 - Invisible Unicode

MITREへのリンク →

APT28

Score: 17.04

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1588.003 - Code Signing Certificates
T1027.018 - Invisible Unicode
T1021.001 - Remote Desktop Protocol
T1566.003 - Spearphishing via Service

MITREへのリンク →

Gorgon Group

Score: 7.23

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1001 - Data Obfuscation

MITREへのリンク →

APT19

Score: 4.08

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship

MITREへのリンク →

TA2541

Score: 14.61

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1001 - Data Obfuscation
T1027.018 - Invisible Unicode
T1546.017 - Udev Rules

MITREへのリンク →

Earth Lusca

Score: 9.00

Matched TTPs:

T1087.002 - Domain Account
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode

MITREへのリンク →

SideCopy

Score: 7.77

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1584.002 - DNS Server

MITREへのリンク →

Mofang

Score: 6.17

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1027.018 - Invisible Unicode
T1546.017 - Udev Rules

MITREへのリンク →

Leviathan

Score: 9.68

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1027.018 - Invisible Unicode
T1546.017 - Udev Rules

MITREへのリンク →

Andariel

Score: 4.12

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1136.002 - Domain Account

MITREへのリンク →

BRONZE BUTLER

Score: 10.52

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1592.004 - Client Configurations
T1199 - Trusted Relationship
T1578.001 - Create Snapshot

MITREへのリンク →

APT38

Score: 16.88

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1685.002 - Disable or Modify Cloud Log
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1059.005 - Visual Basic
T1027.018 - Invisible Unicode
T1216 - System Script Proxy Execution

MITREへのリンク →

MuddyWater

Score: 9.06

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1199 - Trusted Relationship
T1059.013 - Container CLI/API
T1027.018 - Invisible Unicode

MITREへのリンク →

Molerats

Score: 12.96

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1685.002 - Disable or Modify Cloud Log
T1059.010 - AutoHotKey & AutoIT
T1027.018 - Invisible Unicode
T1546.017 - Udev Rules

MITREへのリンク →

Gamaredon Group

Score: 18.72

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1061 - Graphical User Interface
T1059.013 - Container CLI/API
T1027.018 - Invisible Unicode
T1546.017 - Udev Rules

MITREへのリンク →

Darkhotel

Score: 11.60

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1059.010 - AutoHotKey & AutoIT
T1064 - Scripting
T1578.001 - Create Snapshot

MITREへのリンク →

APT32

Score: 12.36

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1091 - Replication Through Removable Media
T1592.004 - Client Configurations
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

The White Company

Score: 4.25

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1578.001 - Create Snapshot

MITREへのリンク →

APT33

Score: 6.80

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1199 - Trusted Relationship
T1027.018 - Invisible Unicode
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Silence

Score: 4.45

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1199 - Trusted Relationship

MITREへのリンク →

Sidewinder

Score: 5.61

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1027.018 - Invisible Unicode
T1578.001 - Create Snapshot

MITREへのリンク →

Confucius

Score: 3.02

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1027.018 - Invisible Unicode

MITREへのリンク →

BlackTech

Score: 7.02

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1199 - Trusted Relationship
T1526 - Cloud Service Discovery
T1027.018 - Invisible Unicode

MITREへのリンク →

Windshift

Score: 7.16

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1078 - Valid Accounts
T1027.018 - Invisible Unicode

MITREへのリンク →

APT41

Score: 3.66

Matched TTPs:

T1598.003 - Spearphishing Link
T1103 - AppInit DLLs
T1199 - Trusted Relationship

MITREへのリンク →

Winter Vivern

Score: 3.80

Matched TTPs:

T1598.003 - Spearphishing Link
T1059.010 - AutoHotKey & AutoIT
T1027.018 - Invisible Unicode

MITREへのリンク →

APT1

Score: 4.18

Matched TTPs:

T1598.003 - Spearphishing Link
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Scattered Spider

Score: 10.69

Matched TTPs:

T1103 - AppInit DLLs
T1136.002 - Domain Account
T1552.003 - Shell History
T1199 - Trusted Relationship
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Medusa Group

Score: 13.47

Matched TTPs:

T1103 - AppInit DLLs
T1552.003 - Shell History
T1199 - Trusted Relationship
T1216 - System Script Proxy Execution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Daggerfly

Score: 7.14

Matched TTPs:

T1103 - AppInit DLLs
T1530 - Data from Cloud Storage
T1027.018 - Invisible Unicode

MITREへのリンク →

ZIRCONIUM

Score: 8.80

Matched TTPs:

T1685.002 - Disable or Modify Cloud Log
T1059.010 - AutoHotKey & AutoIT
T1027.018 - Invisible Unicode
T1578.001 - Create Snapshot

MITREへのリンク →

Volt Typhoon

Score: 13.27

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1070.008 - Clear Mailbox Data
T1199 - Trusted Relationship
T1584.002 - DNS Server
T1578.001 - Create Snapshot

MITREへのリンク →

BlackByte

Score: 6.69

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1001 - Data Obfuscation

MITREへのリンク →

Cinnamon Tempest

Score: 4.94

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Rocke

Score: 5.19

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1059.013 - Container CLI/API

MITREへのリンク →

Ember Bear

Score: 6.30

Matched TTPs:

T1005 - Data from Local System
T1136.002 - Domain Account

MITREへのリンク →

LAPSUS$

Score: 6.24

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Aquatic Panda

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

BackdoorDiplomacy

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

INC Ransom

Score: 6.66

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Storm-0501

Score: 5.45

Matched TTPs:

T1552.003 - Shell History
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Sea Turtle

Score: 14.96

Matched TTPs:

T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1685 - Disable or Modify Tools
T1059.013 - Container CLI/API
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN10

Score: 3.52

Matched TTPs:

T1199 - Trusted Relationship
T1490 - Inhibit System Recovery

MITREへのリンク →

Chimera

Score: 3.44

Matched TTPs:

T1199 - Trusted Relationship
T1578.001 - Create Snapshot

MITREへのリンク →

Axiom

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

HAFNIUM

Score: 5.59

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1490 - Inhibit System Recovery

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.76

Matched TTPs:

T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1059.010 - AutoHotKey & AutoIT
T1055.005 - Thread Local Storage
T1567.002 - Exfiltration to Cloud Storage
T1070.008 - Clear Mailbox Data
T1087.002 - Domain Account
T1132.001 - Standard Encoding
T1216 - System Script Proxy Execution
T1598.003 - Spearphishing Link
T1578.001 - Create Snapshot
T1606.002 - SAML Tokens

MITREへのリンク →

Kimsuky

Score: 0.66

Matched TTPs:

T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1087.002 - Domain Account
T1027.018 - Invisible Unicode
T1598.003 - Spearphishing Link
T1001 - Data Obfuscation
T1606.002 - SAML Tokens
T1490 - Inhibit System Recovery
T1526 - Cloud Service Discovery

MITREへのリンク →

FIN7

Score: 0.61

Matched TTPs:

T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1011.001 - Exfiltration Over Bluetooth
T1087.002 - Domain Account
T1027.018 - Invisible Unicode
T1598.003 - Spearphishing Link
T1578.001 - Create Snapshot
T1606.002 - SAML Tokens
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustang Panda

Score: 0.56

Matched TTPs:

T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1055.005 - Thread Local Storage
T1567.002 - Exfiltration to Cloud Storage
T1087.002 - Domain Account
T1027.018 - Invisible Unicode
T1598.003 - Spearphishing Link
T1606.002 - SAML Tokens
T1526 - Cloud Service Discovery

MITREへのリンク →

OilRig

Score: 0.55

Matched TTPs:

T1103 - AppInit DLLs
T1199 - Trusted Relationship
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1556.009 - Conditional Access Policies
T1087.002 - Domain Account
T1027.018 - Invisible Unicode
T1005 - Data from Local System
T1598.003 - Spearphishing Link
T1606.002 - SAML Tokens
T1526 - Cloud Service Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Signed Dridex Campaign

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ