Trusted Design

Defending the White Elephant

Summary

Myanmar is a country currently engaged in an important political process. A pro-democracy reform took place in 2011 which has helped the government create an atmosphere conducive to investor interest. APT groups from multiple countries, including China, have been known to target organizations of strategic interest with aggressive malware-based espionage campaigns. One of the malware families used in such campaigns is the well-known Remote Access Trojan PlugX, also known as Korplug, which gives the operator full access to the victim's machine and network. Multiple instances of PlugX and related downloader malware were recently observed hosted on a Myanmar government website. Arbor ASERT provided information to the Myanmar CERT to help remediate the situation in early August 2015.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 25.92
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol
  • T1588.005 - Exploits

Sea Turtle

Score: 9.59
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Ember Bear

Score: 20.57
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits

Indrik Spider

Score: 10.62
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1136 - Create Account
  • T1021.001 - Remote Desktop Protocol

Agrius

Score: 7.72
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol

Contagious Interview

Score: 27.34
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 32.32
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution

Star Blizzard

Score: 8.20
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts

FIN13

Score: 7.63
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

Moonstone Sleet

Score: 13.43
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1566.003 - Spearphishing via Service

Lazarus Group

Score: 23.02
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.007 - Dynamic API Resolution
  • T1021.001 - Remote Desktop Protocol
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

OilRig

Score: 21.89
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 14.24
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

LuminousMoth

Score: 7.38
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool

Salt Typhoon

Score: 8.26
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1136 - Create Account

APT29

Score: 19.78
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1090.004 - Domain Fronting
  • T1027.002 - Software Packing
  • T1566.003 - Spearphishing via Service

Play

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Aoqin Dragon

Score: 6.49
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

RedCurl

Score: 7.59
Matched TTPs:
  • T1587.001 - Malware
  • T1199 - Trusted Relationship
  • T1573.002 - Asymmetric Cryptography

Cleaver

Score: 5.29
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Turla

Score: 16.49
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

Ke3chang

Score: 5.98
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Mustang Panda

Score: 25.95
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1027.007 - Dynamic API Resolution

TeamTNT

Score: 7.69
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1027.002 - Software Packing

FIN7

Score: 17.14
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1021.001 - Remote Desktop Protocol
  • T1124 - System Time Discovery

BRONZE BUTLER

Score: 11.01
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1124 - System Time Discovery

APT39

Score: 7.59
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

WIRTE

Score: 5.16
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

APT38

Score: 6.24
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing

Volt Typhoon

Score: 16.08
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1518 - Software Discovery
  • T1021.001 - Remote Desktop Protocol
  • T1124 - System Time Discovery

Darkhotel

Score: 7.42
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

Earth Lusca

Score: 12.10
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise

Storm-1811

Score: 4.94
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service

ZIRCONIUM

Score: 8.22
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery

MuddyWater

Score: 10.14
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Gamaredon Group

Score: 6.40
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool

TA505

Score: 8.90
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.002 - Software Packing

Threat Group-3390

Score: 20.98
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing

APT28

Score: 20.57
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

Winter Vivern

Score: 4.80
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1189 - Drive-by Compromise

menuPass

Score: 8.28
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

BlackByte

Score: 6.66
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol

Leviathan

Score: 13.03
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1021.001 - Remote Desktop Protocol

Cinnamon Tempest

Score: 3.89
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Rocke

Score: 5.09
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1027.002 - Software Packing

Tropic Trooper

Score: 8.55
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1518 - Software Discovery

APT19

Score: 6.93
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

Higaisa

Score: 5.65
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

TA2541

Score: 12.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1027.002 - Software Packing

Mustard Tempest

Score: 3.74
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise

LazyScripter

Score: 6.44
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services

SideCopy

Score: 4.72
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1518 - Software Discovery

BITTER

Score: 4.32
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

APT32

Score: 13.18
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

HEXANE

Score: 12.71
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1518 - Software Discovery
  • T1021.001 - Remote Desktop Protocol

Saint Bear

Score: 7.53
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

EXOTIC LILY

Score: 8.33
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

APT42

Score: 5.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography

BackdoorDiplomacy

Score: 4.78
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool

GOLD SOUTHFIELD

Score: 7.14
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1195.002 - Compromise Software Supply Chain

BlackTech

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Magic Hound

Score: 16.45
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1189 - Drive-by Compromise
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

Medusa Group

Score: 21.79
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

Storm-0501

Score: 10.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1580 - Cloud Infrastructure Discovery
  • T1218.010 - Regsvr32
  • T1027.002 - Software Packing

Fox Kitten

Score: 5.46
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1585.001 - Social Media Accounts
  • T1021.001 - Remote Desktop Protocol

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 11.25
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol
  • T1574.012 - COR_PROFILER

GALLIUM

Score: 4.37
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027.002 - Software Packing

INC Ransom

Score: 3.97
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

Dragonfly

Score: 10.15
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1021.001 - Remote Desktop Protocol

Axiom

Score: 10.91
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1021.001 - Remote Desktop Protocol
  • T1001.002 - Steganography

APT41

Score: 10.44
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

HAFNIUM

Score: 10.07
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1593.003 - Code Repositories
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship

APT5

Score: 3.12
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol

Scattered Spider

Score: 15.27
Matched TTPs:
  • T1580 - Cloud Infrastructure Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1585.001 - Social Media Accounts
  • T1136 - Create Account
  • T1021.001 - Remote Desktop Protocol

LAPSUS$

Score: 9.90
Matched TTPs:
  • T1593.003 - Code Repositories
  • T1588.001 - Malware
  • T1199 - Trusted Relationship
  • T1588.002 - Tool

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

APT1

Score: 4.96
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

Aquatic Panda

Score: 4.96
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

Andariel

Score: 9.56
Matched TTPs:
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Confucius

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

POLONIUM

Score: 5.61
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool

APT33

Score: 6.48
Matched TTPs:
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Wizard Spider

Score: 6.63
Matched TTPs:
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol

Tonto Team

Score: 4.65
Matched TTPs:
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

admin@338

Score: 4.65
Matched TTPs:
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

Chimera

Score: 8.24
Matched TTPs:
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1021.001 - Remote Desktop Protocol
  • T1124 - System Time Discovery

Inception

Score: 7.83
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

FIN8

Score: 5.24
Matched TTPs:
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol

FIN6

Score: 7.77
Matched TTPs:
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 7.81
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

Cobalt Group

Score: 12.41
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol

CURIUM

Score: 9.22
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 4.69
Matched TTPs:
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise

Sidewinder

Score: 6.83
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1124 - System Time Discovery

The White Company

Score: 6.14
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery

APT37

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

APT3

Score: 5.19
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

Transparent Tribe

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Elderwood

Score: 5.31
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing

Velvet Ant

Score: 6.88
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion

Windshift

Score: 7.03
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service

Dark Caracal

Score: 6.34
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1566.003 - Spearphishing via Service

Windigo

Score: 4.51
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
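The fact-based listing above is one matched-TTP set per actor, which is the shape an analyst usually wants to query rather than read. As an added example, not part of this Pulse page or of the Arbor ASERT report it summarizes, the following Python parses that listing format, validates every ATT&CK technique ID against the T1234 / T1234.001 pattern, counts which techniques are shared by the most matched actors (optionally collapsing sub-techniques to their parent), and ranks actor pairs by Jaccard overlap of their TTP sets. The four entries embedded in LISTING are a constructed excerpt copied verbatim from this page; the page does not publish how its Score is computed, so the script only carries the score through and does not try to reproduce it.

```python
import re
from collections import Counter
from itertools import combinations

# Constructed excerpt: four fact-based entries copied verbatim from this page.
# Scores are the page's; the scoring formula is unpublished and not recomputed.
LISTING = """\
Sea Turtle

Score: 9.59
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Indrik Spider

Score: 10.62
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1136 - Create Account
  • T1021.001 - Remote Desktop Protocol

Agrius

Score: 7.72
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol

Play

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
"""

# ATT&CK technique ID: 'T' + four digits, with an optional '.nnn' sub-technique.
TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")
BULLET = re.compile(r"^\s*•\s*(\S+)\s+-\s+(.+?)\s*$")
SCORE = re.compile(r"^Score:\s*([0-9.]+)\s*$")


def parse_listing(text):
    """Return {actor: {"score": float, "ttps": set of technique IDs}}."""
    actors, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line == "Matched TTPs:":
            continue
        score, bullet = SCORE.match(line), BULLET.match(line)
        if score or bullet:
            if current is None:
                raise ValueError(f"entry before any actor name: {line!r}")
            if score:
                actors[current]["score"] = float(score.group(1))
            else:
                tid = bullet.group(1)
                if not TECHNIQUE_ID.match(tid):
                    raise ValueError(f"malformed technique ID for {current!r}: {tid!r}")
                actors[current]["ttps"].add(tid)
            continue
        current = line                      # any other line names a new actor
        actors[current] = {"score": None, "ttps": set()}
    return actors


def parent_technique(tid):
    """'T1583.006' -> 'T1583'; a parent ID is returned unchanged."""
    return tid.split(".", 1)[0]


def technique_frequency(actors, by_parent=False):
    """Number of actors listing each technique, counted once per actor."""
    counts = Counter()
    for info in actors.values():
        counts.update({parent_technique(t) if by_parent else t for t in info["ttps"]})
    return counts


def jaccard(a, b):
    """Jaccard similarity of two technique sets; 0.0 when both are empty."""
    return len(a & b) / len(a | b) if (a | b) else 0.0


def most_similar_pairs(actors, top=3):
    """Actor pairs ranked by overlap of their matched-TTP sets, ties by name."""
    pairs = [(jaccard(actors[x]["ttps"], actors[y]["ttps"]), x, y)
             for x, y in combinations(sorted(actors), 2)]
    pairs.sort(key=lambda p: (-p[0], p[1], p[2]))
    return [(x, y, round(s, 3)) for s, x, y in pairs[:top]]
```

Running `technique_frequency(parse_listing(LISTING)).most_common(3)` on the excerpt shows T1583 and T1190 each shared by three of the four actors, and `most_similar_pairs` puts Agrius/Indrik Spider and Play/Sea Turtle at the top with a Jaccard of 1/3. To run it over the full page, paste the whole fact-based section into LISTING; the `by_parent=True` view is the one to use when an entry lists both a parent (T1583) and a sub-technique (T1583.006), since otherwise they count as two distinct matches.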

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.84
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1199 - Trusted Relationship
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1195 - Supply Chain Compromise
  • T1592.002 - Software
  • T1140 - Deobfuscate/Decode Files or Information
  • T1585.001 - Social Media Accounts
  • T1491.002 - External Defacement
  • T1583 - Acquire Infrastructure

Contagious Interview

Score: 0.71
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1593.003 - Code Repositories
  • T1566.003 - Spearphishing via Service
  • T1587.001 - Malware
  • T1681 - Search Threat Vendor Data
  • T1588.002 - Tool
  • T1204.004 - Malicious Copy and Paste
  • T1583.006 - Web Services
  • T1583 - Acquire Infrastructure
  • T1585.001 - Social Media Accounts

Kimsuky

Score: 0.70
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol
  • T1588.005 - Exploits
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1583.006 - Web Services
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583 - Acquire Infrastructure
  • T1585.001 - Social Media Accounts

Mustang Panda

Score: 0.70
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1176.002 - IDE Extensions
  • T1588.002 - Tool
  • T1518 - Software Discovery
  • T1027.007 - Dynamic API Resolution
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1140 - Deobfuscate/Decode Files or Information

Lazarus Group

Score: 0.64
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
  • T1587.001 - Malware
  • T1021.001 - Remote Desktop Protocol
  • T1189 - Drive-by Compromise
  • T1588.002 - Tool
  • T1124 - System Time Discovery
  • T1027.007 - Dynamic API Resolution
  • T1583.006 - Web Services
  • T1140 - Deobfuscate/Decode Files or Information
  • T1585.001 - Social Media Accounts

Medusa Group

Score: 0.62
Matched TTPs:
  • T1650 - Acquire Access
  • T1608.002 - Upload Tool
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol
  • T1573.002 - Asymmetric Cryptography
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts

OilRig

Score: 0.61
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1021.001 - Remote Desktop Protocol
  • T1573.002 - Asymmetric Cryptography
  • T1588.002 - Tool
  • T1069.001 - Local Groups
  • T1195 - Supply Chain Compromise
  • T1140 - Deobfuscate/Decode Files or Information
  • T1566.003 - Spearphishing via Service

Threat Group-3390

Score: 0.60
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1199 - Trusted Relationship
  • T1608.002 - Upload Tool
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1027.002 - Software Packing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1189 - Drive-by Compromise

APT28

Score: 0.58
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1199 - Trusted Relationship
  • T1190 - Exploit Public-Facing Application
  • T1669 - Wi-Fi Networks
  • T1588.002 - Tool
  • T1211 - Exploitation for Defense Evasion
  • T1583.006 - Web Services
  • T1140 - Deobfuscate/Decode Files or Information
  • T1189 - Drive-by Compromise

APT29

Score: 0.55
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1199 - Trusted Relationship
  • T1090.004 - Domain Fronting
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1583.006 - Web Services
  • T1566.003 - Spearphishing via Service

Related CVEs

No CVEs were found in this Pulse.
