Trusted Design

Operation Arid Viper Slithers Back into View

Summary

Earlier this year, researchers published analyses of a targeted attack campaign known as Operation Arid Viper (aka Desert Falcons, aka DHS), directed primarily at organizations in the Middle East. The campaign delivered a backdoor and spyware designed to steal information from infected systems, using a malware client capable of filtering out "uninteresting" files, and it spread primarily via targeted phishing emails, usually promising a pornographic video.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Volt Typhoon

Score: 42.31
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1594 - Search Victim-Owned Websites
  • T1590.004 - Network Topology
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590.006 - Network Security Appliances
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases

LAPSUS$

Score: 14.75
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1591.004 - Identify Roles

Ember Bear

Score: 18.38
Matched TTPs:
  • T1491.002 - External Defacement
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1125 - Video Capture
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks

Sandworm Team

Score: 36.67
Matched TTPs:
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution

Andariel

Score: 9.18
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution

Magic Hound

Score: 22.98
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1573 - Encrypted Channel
  • T1592.002 - Software
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 24.45
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1583.005 - Botnet
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
  • T1199 - Trusted Relationship

APT41

Score: 16.48
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1595.002 - Vulnerability Scanning
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1596.005 - Scan Databases

TA551

Score: 6.32
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1036 - Masquerading

Silent Librarian

Score: 3.29
Matched TTPs:
  • T1594 - Search Victim-Owned Websites

Kimsuky

Score: 39.13
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1596 - Search Open Technical Databases
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1598 - Phishing for Information
  • T1588.003 - Code Signing Certificates

EXOTIC LILY

Score: 17.66
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1608.001 - Upload Malware
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

TA578

Score: 5.30
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services

FIN13

Score: 12.22
Matched TTPs:
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1657 - Financial Theft

Moonstone Sleet

Score: 14.88
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 5.94
Matched TTPs:
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information

Lazarus Group

Score: 20.73
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service
  • T1529 - System Shutdown/Reboot

Contagious Interview

Score: 28.42
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1480 - Execution Guardrails
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

OilRig

Score: 17.74
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1588.003 - Code Signing Certificates
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 7.72
Matched TTPs:
  • T1587.001 - Malware
  • T1681 - Search Threat Vendor Data
  • T1203 - Exploitation for Client Execution

LuminousMoth

Score: 4.07
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware

Salt Typhoon

Score: 5.94
Matched TTPs:
  • T1587.001 - Malware
  • T1590.004 - Network Topology

APT29

Score: 20.93
Matched TTPs:
  • T1587.001 - Malware
  • T1595.002 - Vulnerability Scanning
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Play

Score: 4.62
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft

Aoqin Dragon

Score: 5.78
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1203 - Exploitation for Client Execution

RedCurl

Score: 7.59
Matched TTPs:
  • T1587.001 - Malware
  • T1199 - Trusted Relationship
  • T1573.002 - Asymmetric Cryptography

Turla

Score: 5.68
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services

Ke3chang

Score: 7.51
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1140 - Deobfuscate/Decode Files or Information

Mustang Panda

Score: 22.46
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1588.003 - Code Signing Certificates
  • T1027.007 - Dynamic API Resolution

TeamTNT

Score: 14.55
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1595.001 - Scanning IP Blocks

FIN7

Score: 18.40
Matched TTPs:
  • T1587.001 - Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1125 - Video Capture
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1591.004 - Identify Roles

APT5

Score: 3.84
Matched TTPs:
  • T1583.005 - Botnet

BRONZE BUTLER

Score: 11.84
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1550.003 - Pass the Ticket
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Agrius

Score: 3.75
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading

APT38

Score: 5.19
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1529 - System Shutdown/Reboot

Molerats

Score: 4.72
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1027.015 - Compression

Darkhotel

Score: 3.06
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution

Earth Lusca

Score: 8.14
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services

Storm-1811

Score: 6.28
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1566.003 - Spearphishing via Service

ZIRCONIUM

Score: 9.21
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1598 - Phishing for Information

MuddyWater

Score: 7.82
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Gamaredon Group

Score: 12.55
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1480 - Execution Guardrails
  • T1583.006 - Web Services
  • T1027.015 - Compression

TA505

Score: 3.54
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware

Threat Group-3390

Score: 14.08
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1027.015 - Compression

APT28

Score: 27.59
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1211 - Exploitation for Defense Evasion

Winter Vivern

Score: 6.35
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning

menuPass

Score: 6.50
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1199 - Trusted Relationship

BlackByte

Score: 7.39
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1480 - Execution Guardrails

Leviathan

Score: 8.80
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1595.002 - Vulnerability Scanning
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

Cinnamon Tempest

Score: 4.09
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1657 - Financial Theft

Tropic Trooper

Score: 12.18
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1518 - Software Discovery

Malteiro

Score: 4.09
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1657 - Financial Theft

Higaisa

Score: 6.21
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

TA2541

Score: 9.88
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography
  • T1027.015 - Compression

Mustard Tempest

Score: 6.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning

LazyScripter

Score: 6.17
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1583.006 - Web Services

Star Blizzard

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1593 - Search Open Websites/Domains

SideCopy

Score: 4.72
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1518 - Software Discovery

BITTER

Score: 7.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution

APT32

Score: 11.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

HEXANE

Score: 8.34
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery

Saint Bear

Score: 5.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

APT42

Score: 4.72
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1573.002 - Asymmetric Cryptography

Windshift

Score: 7.46
Matched TTPs:
  • T1036 - Masquerading
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service

PLATINUM

Score: 6.72
Matched TTPs:
  • T1036 - Masquerading
  • T1056.004 - Credential API Hooking

Volatile Cedar

Score: 6.72
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning

Dragonfly

Score: 7.93
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1203 - Exploitation for Client Execution

Silence

Score: 3.84
Matched TTPs:
  • T1125 - Video Capture

Axiom

Score: 5.12
Matched TTPs:
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution

Scattered Spider

Score: 5.96
Matched TTPs:
  • T1657 - Financial Theft
  • T1598 - Phishing for Information

Medusa Group

Score: 15.44
Matched TTPs:
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC

Confucius

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

POLONIUM

Score: 4.76
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship

Sea Turtle

Score: 4.24
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution

Sidewinder

Score: 4.24
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

BlackTech

Score: 4.65
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates

Cobalt Group

Score: 4.24
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography

APT37

Score: 5.12
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1529 - System Shutdown/Reboot

Inception

Score: 4.24
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Velvet Ant

Score: 6.88
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion

FIN6

Score: 5.27
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

FIN8

Score: 5.90
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1588.003 - Code Signing Certificates

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Wizard Spider

Score: 3.15
Matched TTPs:
  • T1588.003 - Code Signing Certificates

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

Volt Typhoon

Score: 0.82
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1590 - Gather Victim Network Information
  • T1592 - Gather Victim Host Information
  • T1596.005 - Scan Databases
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1590.006 - Network Security Appliances
  • T1590.004 - Network Topology
  • T1584.005 - Botnet
  • T1518 - Software Discovery
  • T1594 - Search Victim-Owned Websites
  • T1591.004 - Identify Roles

Kimsuky

Score: 0.75
Matched TTPs:
  • T1657 - Financial Theft
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1594 - Search Victim-Owned Websites
  • T1593.002 - Search Engines
  • T1593.001 - Social Media
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1588.003 - Code Signing Certificates
  • T1596 - Search Open Technical Databases
  • T1598 - Phishing for Information
  • T1587.001 - Malware

Sandworm Team

Score: 0.74
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1594 - Search Victim-Owned Websites
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1491.002 - External Defacement
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1587.001 - Malware

APT28

Score: 0.58
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1596 - Search Open Technical Databases
  • T1211 - Exploitation for Defense Evasion
  • T1598 - Phishing for Information

Related CVEs

No CVEs were found in this Pulse.
