Trusted Design

SHELLDC.DLL (BACKDOOR)

Overview

This malware is designed to be installed as a service. Over a custom protocol it provides file transfer; file copy, move, delete and setting of file attributes; command execution; an interactive command shell; registry browsing; listing of RDP-connected users; and full remote desktop GUI interaction.

Created: 2026-02-23

Indicators

No indicators have been found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Gamaredon Group

Score: 21.26
Matched TTPs:
  • T1218.011 - Rundll32
  • T1025 - Data from Removable Media
  • T1559.001 - Component Object Model
  • T1112 - Modify Registry
  • T1027.012 - LNK Icon Smuggling
  • T1039 - Data from Network Shared Drive
  • T1027.015 - Compression

FIN7

Score: 17.71
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1674 - Input Injection
  • T1021.001 - Remote Desktop Protocol
  • T1564.001 - Hidden Files and Directories
  • T1569.002 - Service Execution

APT19

Score: 8.45
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1218.010 - Regsvr32

Kimsuky

Score: 22.99
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1027.012 - LNK Icon Smuggling
  • T1218.010 - Regsvr32
  • T1219.002 - Remote Desktop Software
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery
  • T1102.001 - Dead Drop Resolver

UNC3886

Score: 6.07
Matched TTPs:
  • T1218.011 - Rundll32
  • T1070.007 - Clear Network Connection History and Configurations

Carbanak

Score: 6.46
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools

APT3

Score: 8.80
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1546.008 - Accessibility Features
  • T1021.001 - Remote Desktop Protocol

Magic Hound

Score: 5.41
Matched TTPs:
  • T1218.011 - Rundll32
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol

TA551

Score: 4.68
Matched TTPs:
  • T1218.011 - Rundll32
  • T1218.010 - Regsvr32

Blue Mockingbird

Score: 12.49
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Wizard Spider

Score: 25.40
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1021.006 - Windows Remote Management
  • T1547.004 - Winlogon Helper DLL
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1490 - Inhibit System Recovery
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT32

Score: 19.54
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1218.010 - Regsvr32
  • T1036.003 - Rename Legitimate Utilities
  • T1564.001 - Hidden Files and Directories
  • T1569.002 - Service Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Lazarus Group

Score: 21.18
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1036.003 - Rename Legitimate Utilities
  • T1027.007 - Dynamic API Resolution
  • T1021.001 - Remote Desktop Protocol
  • T1564.001 - Hidden Files and Directories
  • T1680 - Local Storage Discovery
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

TA505

Score: 7.05
Matched TTPs:
  • T1218.011 - Rundll32
  • T1218.007 - Msiexec
  • T1112 - Modify Registry

APT41

Score: 18.66
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1546.008 - Accessibility Features
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1102.001 - Dead Drop Resolver

Sandworm Team

Score: 10.15
Matched TTPs:
  • T1218.011 - Rundll32
  • T1219 - Remote Access Tools
  • T1003.003 - NTDS
  • T1490 - Inhibit System Recovery

APT28

Score: 22.27
Matched TTPs:
  • T1218.011 - Rundll32
  • T1025 - Data from Removable Media
  • T1039 - Data from Network Shared Drive
  • T1564.001 - Hidden Files and Directories
  • T1137.002 - Office Test
  • T1003.003 - NTDS
  • T1550.001 - Application Access Token

HAFNIUM

Score: 11.07
Matched TTPs:
  • T1218.011 - Rundll32
  • T1564.001 - Hidden Files and Directories
  • T1003.003 - NTDS
  • T1550.001 - Application Access Token

APT38

Score: 14.67
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1218.007 - Msiexec
  • T1112 - Modify Registry
  • T1036.003 - Rename Legitimate Utilities
  • T1569.002 - Service Execution

Daggerfly

Score: 5.22
Matched TTPs:
  • T1218.011 - Rundll32
  • T1036.003 - Rename Legitimate Utilities

RedCurl

Score: 7.64
Matched TTPs:
  • T1218.011 - Rundll32
  • T1039 - Data from Network Shared Drive
  • T1564.001 - Hidden Files and Directories

Aquatic Panda

Score: 7.35
Matched TTPs:
  • T1218.011 - Rundll32
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol

Storm-0501

Score: 14.33
Matched TTPs:
  • T1218.011 - Rundll32
  • T1021.006 - Windows Remote Management
  • T1218.010 - Regsvr32
  • T1219.002 - Remote Desktop Software
  • T1490 - Inhibit System Recovery

MuddyWater

Score: 12.50
Matched TTPs:
  • T1218.011 - Rundll32
  • T1559.001 - Component Object Model
  • T1219 - Remote Access Tools
  • T1218.003 - CMSTP

OilRig

Score: 14.37
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Turla

Score: 9.30
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1112 - Modify Registry
  • T1547.004 - Winlogon Helper DLL

Tropic Trooper

Score: 11.28
Matched TTPs:
  • T1543.003 - Windows Service
  • T1547.004 - Winlogon Helper DLL
  • T1564.001 - Hidden Files and Directories
  • T1680 - Local Storage Discovery

Medusa Group

Score: 24.41
Matched TTPs:
  • T1543.003 - Windows Service
  • T1559.001 - Component Object Model
  • T1219 - Remote Access Tools
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1490 - Inhibit System Recovery
  • T1218.014 - MMC

DarkVishnya

Score: 4.53
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools

Lotus Blossom

Score: 3.77
Matched TTPs:
  • T1543.003 - Windows Service
  • T1112 - Modify Registry

TeamTNT

Score: 7.36
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1680 - Local Storage Discovery

BlackByte

Score: 13.69
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1490 - Inhibit System Recovery

Threat Group-3390

Score: 10.36
Matched TTPs:
  • T1543.003 - Windows Service
  • T1112 - Modify Registry
  • T1021.006 - Windows Remote Management
  • T1027.015 - Compression

Ke3chang

Score: 6.67
Matched TTPs:
  • T1543.003 - Windows Service
  • T1003.003 - NTDS
  • T1569.002 - Service Execution

Agrius

Score: 3.58
Matched TTPs:
  • T1543.003 - Windows Service
  • T1021.001 - Remote Desktop Protocol

Earth Lusca

Score: 3.77
Matched TTPs:
  • T1543.003 - Windows Service
  • T1112 - Modify Registry

Cobalt Group

Score: 13.05
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1218.003 - CMSTP
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol

Molerats

Score: 6.44
Matched TTPs:
  • T1218.007 - Msiexec
  • T1027.015 - Compression

Rancor

Score: 3.29
Matched TTPs:
  • T1218.007 - Msiexec

ZIRCONIUM

Score: 3.29
Matched TTPs:
  • T1218.007 - Msiexec

Machete

Score: 3.29
Matched TTPs:
  • T1218.007 - Msiexec

Volt Typhoon

Score: 12.78
Matched TTPs:
  • T1070.007 - Clear Network Connection History and Configurations
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1680 - Local Storage Discovery

INC Ransom

Score: 6.64
Matched TTPs:
  • T1219 - Remote Access Tools
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Akira

Score: 4.24
Matched TTPs:
  • T1219 - Remote Access Tools
  • T1021.001 - Remote Desktop Protocol

Patchwork

Score: 9.60
Matched TTPs:
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery
  • T1102.001 - Dead Drop Resolver

Indrik Spider

Score: 3.48
Matched TTPs:
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol

Silence

Score: 5.88
Matched TTPs:
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Dragonfly

Score: 5.82
Matched TTPs:
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS

LuminousMoth

Score: 4.50
Matched TTPs:
  • T1112 - Modify Registry
  • T1564.001 - Hidden Files and Directories

FIN8

Score: 6.22
Matched TTPs:
  • T1112 - Modify Registry
  • T1021.001 - Remote Desktop Protocol
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN13

Score: 10.09
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1021.001 - Remote Desktop Protocol
  • T1564.001 - Hidden Files and Directories
  • T1003.003 - NTDS

Chimera

Score: 15.69
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1039 - Data from Network Shared Drive
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1680 - Local Storage Discovery

Deep Panda

Score: 6.03
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1218.010 - Regsvr32

Axiom

Score: 14.01
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1563.002 - RDP Hijacking
  • T1021.001 - Remote Desktop Protocol
  • T1001.002 - Steganography

Fox Kitten

Score: 10.31
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1039 - Data from Network Shared Drive
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS

APT29

Score: 3.29
Matched TTPs:
  • T1546.008 - Accessibility Features

Mustang Panda

Score: 18.66
Matched TTPs:
  • T1027.012 - LNK Icon Smuggling
  • T1219.002 - Remote Desktop Software
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1003.003 - NTDS
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

BRONZE BUTLER

Score: 6.32
Matched TTPs:
  • T1039 - Data from Network Shared Drive
  • T1102.001 - Dead Drop Resolver

Sowbug

Score: 3.03
Matched TTPs:
  • T1039 - Data from Network Shared Drive

menuPass

Score: 10.31
Matched TTPs:
  • T1039 - Data from Network Shared Drive
  • T1036.003 - Rename Legitimate Utilities
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS

Leviathan

Score: 7.55
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol
  • T1027.015 - Compression

GALLIUM

Score: 3.29
Matched TTPs:
  • T1036.003 - Rename Legitimate Utilities

APT39

Score: 8.58
Matched TTPs:
  • T1546.010 - AppInit DLLs
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Contagious Interview

Score: 5.67
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Thrip

Score: 5.67
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

RTM

Score: 6.21
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1102.001 - Dead Drop Resolver

Scattered Spider

Score: 10.20
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1490 - Inhibit System Recovery

FIN6

Score: 9.13
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Rocke

Score: 5.95
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver

Higaisa

Score: 5.98
Matched TTPs:
  • T1680 - Local Storage Discovery
  • T1027.015 - Compression

TA2541

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

Wizard Spider

Score: 0.79
Matched TTPs:
  • T1112 - Modify Registry
  • T1490 - Inhibit System Recovery
  • T1543.003 - Windows Service
  • T1218.011 - Rundll32
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1021.006 - Windows Remote Management
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1547.004 - Winlogon Helper DLL
  • T1021.001 - Remote Desktop Protocol

Medusa Group

Score: 0.77
Matched TTPs:
  • T1112 - Modify Registry
  • T1490 - Inhibit System Recovery
  • T1219 - Remote Access Tools
  • T1543.003 - Windows Service
  • T1559.001 - Component Object Model
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1218.014 - MMC
  • T1021.001 - Remote Desktop Protocol

Kimsuky

Score: 0.69
Matched TTPs:
  • T1027.012 - LNK Icon Smuggling
  • T1218.010 - Regsvr32
  • T1112 - Modify Registry
  • T1680 - Local Storage Discovery
  • T1543.003 - Windows Service
  • T1218.011 - Rundll32
  • T1102.001 - Dead Drop Resolver
  • T1219.002 - Remote Desktop Software
  • T1021.001 - Remote Desktop Protocol

APT28

Score: 0.69
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
  • T1137.002 - Office Test
  • T1025 - Data from Removable Media
  • T1218.011 - Rundll32
  • T1039 - Data from Network Shared Drive
  • T1003.003 - NTDS

Gamaredon Group

Score: 0.66
Matched TTPs:
  • T1027.012 - LNK Icon Smuggling
  • T1112 - Modify Registry
  • T1027.015 - Compression
  • T1025 - Data from Removable Media
  • T1218.011 - Rundll32
  • T1559.001 - Component Object Model
  • T1039 - Data from Network Shared Drive

Lazarus Group

Score: 0.66
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1036.003 - Rename Legitimate Utilities
  • T1680 - Local Storage Discovery
  • T1543.003 - Windows Service
  • T1218.011 - Rundll32
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1021.001 - Remote Desktop Protocol
  • T1027.007 - Dynamic API Resolution

APT32

Score: 0.62
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1112 - Modify Registry
  • T1564.001 - Hidden Files and Directories
  • T1036.003 - Rename Legitimate Utilities
  • T1543.003 - Windows Service
  • T1218.011 - Rundll32
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1569.002 - Service Execution

FIN7

Score: 0.61
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1674 - Input Injection
  • T1543.003 - Windows Service
  • T1219 - Remote Access Tools
  • T1218.011 - Rundll32
  • T1569.002 - Service Execution
  • T1021.001 - Remote Desktop Protocol

APT41

Score: 0.59
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1112 - Modify Registry
  • T1543.003 - Windows Service
  • T1218.011 - Rundll32
  • T1003.003 - NTDS
  • T1102.001 - Dead Drop Resolver
  • T1569.002 - Service Execution
  • T1021.001 - Remote Desktop Protocol

Mustang Panda

Score: 0.56
Matched TTPs:
  • T1027.012 - LNK Icon Smuggling
  • T1564.001 - Hidden Files and Directories
  • T1003.003 - NTDS
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1219.002 - Remote Desktop Software
  • T1027.007 - Dynamic API Resolution

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

