Trusted Design

Operation DustySky

概要

DustySky (called “NeD Worm” by its developer) is a multi-stage malware in use since May 2015. It is in use by the Molerats (aka Gaza cybergang), a politically motivated group whose main objective, we believe, is intelligence gathering. Operating since 2012, the group’s activity has been reported by Norman [1], Kaspersky[2] [3], FireEye[4], and PwC[5]. These attacks are targeted, but not spear-phished. I.e., malicious email messages are sent to selected targets rather than random mass distribution, but are not tailored specifically to each and every target. Dozens of targets may receive the exact same message. The email message and the lure document are written in Hebrew, Arabic or English – depending on the target audience.

Created: 2026-02-23

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Volt Typhoon

Score: 45.96
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1016.001 - Internet Connection Discovery
  • T1069 - Permission Groups Discovery
  • T1007 - System Service Discovery
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1589.002 - Email Addresses
  • T1074 - Data Staged
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1596.005 - Scan Databases
  • T1090.001 - Internal Proxy
MITREへのリンク →

Contagious Interview

Score: 36.79
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1071.003 - Mail Protocols
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1593.001 - Social Media
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Scattered Spider

Score: 34.37
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1069 - Permission Groups Discovery
  • T1114 - Email Collection
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1074 - Data Staged
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1213.005 - Messaging Applications
MITREへのリンク →

FIN4

Score: 9.20
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1090.003 - Multi-hop Proxy
MITREへのリンク →

Ember Bear

Score: 21.95
Matched TTPs:
  • T1491.002 - External Defacement
  • T1114 - Email Collection
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1090.003 - Multi-hop Proxy
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Sandworm Team

Score: 47.31
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Andariel

Score: 12.52
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Magic Hound

Score: 32.02
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1114 - Email Collection
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

HAFNIUM

Score: 28.45
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1589.002 - Email Addresses
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
MITREへのリンク →

APT41

Score: 19.17
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1069 - Permission Groups Discovery
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1596.005 - Scan Databases
MITREへのリンク →

TA551

Score: 9.72
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
MITREへのリンク →

HEXANE

Score: 12.78
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

APT29

Score: 18.26
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Gamaredon Group

Score: 27.94
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1080 - Taint Shared Content
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery
  • T1221 - Template Injection
MITREへのリンク →

TA2541

Score: 12.36
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
MITREへのリンク →

Lotus Blossom

Score: 9.27
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1090.001 - Internal Proxy
MITREへのリンク →

FIN13

Score: 21.93
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1069 - Permission Groups Discovery
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy
MITREへのリンク →

Turla

Score: 26.36
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1071.003 - Mail Protocols
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy
MITREへのリンク →

FIN8

Score: 5.92
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
MITREへのリンク →

Mustard Tempest

Score: 12.50
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning
MITREへのリンク →

TA505

Score: 10.89
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

APT3

Score: 6.23
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Silent Librarian

Score: 11.74
Matched TTPs:
  • T1114 - Email Collection
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1588.002 - Tool
MITREへのリンク →

Kimsuky

Score: 50.15
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1007 - System Service Discovery
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
MITREへのリンク →

Moonstone Sleet

Score: 24.39
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591 - Gather Victim Org Information
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Indrik Spider

Score: 10.75
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1585.002 - Email Accounts
  • T1590 - Gather Victim Network Information
MITREへのリンク →

Lazarus Group

Score: 28.85
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
MITREへのリンク →

OilRig

Score: 19.81
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 14.68
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LuminousMoth

Score: 8.82
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

Salt Typhoon

Score: 11.29
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

Play

Score: 6.94
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
MITREへのリンク →

Aoqin Dragon

Score: 6.62
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RedCurl

Score: 7.86
Matched TTPs:
  • T1587.001 - Malware
  • T1080 - Taint Shared Content
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
MITREへのリンク →

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

Ke3chang

Score: 14.40
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1614.001 - System Language Discovery
MITREへのリンク →

Mustang Panda

Score: 24.16
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1583.006 - Web Services
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

TeamTNT

Score: 8.78
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
MITREへのリンク →

FIN7

Score: 23.47
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1497.002 - User Activity Based Checks
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Darkhotel

Score: 9.94
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1566.001 - Spearphishing Attachment
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

BRONZE BUTLER

Score: 11.37
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1566.001 - Spearphishing Attachment
  • T1007 - System Service Discovery
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Cinnamon Tempest

Score: 8.28
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
MITREへのリンク →

BlackTech

Score: 6.13
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

MuddyWater

Score: 14.17
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Confucius

Score: 8.98
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
MITREへのリンク →

Sidewinder

Score: 9.89
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Elderwood

Score: 3.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Transparent Tribe

Score: 3.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT32

Score: 19.10
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1071.003 - Mail Protocols
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT1

Score: 10.44
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1007 - System Service Discovery
  • T1585.002 - Email Accounts
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

Leviathan

Score: 14.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1102.003 - One-Way Communication
  • T1090.003 - Multi-hop Proxy
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT33

Score: 11.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

ZIRCONIUM

Score: 16.69
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
MITREへのリンク →

EXOTIC LILY

Score: 16.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Windshift

Score: 7.03
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Cobalt Group

Score: 7.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Earth Lusca

Score: 16.35
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
MITREへのリンク →

Storm-1811

Score: 16.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Wizard Spider

Score: 13.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1074 - Data Staged
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
MITREへのリンク →

Patchwork

Score: 7.12
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LazyScripter

Score: 10.95
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1583.006 - Web Services
MITREへのリンク →

APT42

Score: 6.56
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1588.002 - Tool
MITREへのリンク →

APT39

Score: 9.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT28

Score: 46.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1071.003 - Mail Protocols
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1546.015 - Component Object Model Hijacking
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1221 - Template Injection
  • T1001.001 - Junk Data
MITREへのリンク →

Star Blizzard

Score: 12.06
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
MITREへのリンク →

CURIUM

Score: 11.76
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 20.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
MITREへのリンク →

Saint Bear

Score: 8.88
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Tropic Trooper

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
MITREへのリンク →

FIN6

Score: 4.25
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

admin@338

Score: 4.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1007 - System Service Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

menuPass

Score: 5.38
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.002 - Tool
MITREへのリンク →

Threat Group-3390

Score: 13.72
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

BITTER

Score: 5.19
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Inception

Score: 9.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
MITREへのリンク →

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Winter Vivern

Score: 8.15
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1584.006 - Web Services
MITREへのリンク →

Higaisa

Score: 5.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT12

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Malteiro

Score: 7.02
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
MITREへのリンク →

SideCopy

Score: 6.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

Nomadic Octopus

Score: 3.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
MITREへのリンク →

APT37

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

IndigoZebra

Score: 3.74
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1588.002 - Tool
MITREへのリンク →

APT38

Score: 6.26
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1480.002 - Mutual Exclusion
  • T1588.002 - Tool
MITREへのリンク →

DarkHydrus

Score: 4.88
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1221 - Template Injection
MITREへのリンク →

PLATINUM

Score: 3.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
MITREへのリンク →

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Aquatic Panda

Score: 5.83
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

Chimera

Score: 3.37
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.002 - Tool
MITREへのリンク →

Velvet Ant

Score: 5.96
Matched TTPs:
  • T1040 - Network Sniffing
  • T1090.001 - Internal Proxy
MITREへのリンク →

DarkVishnya

Score: 3.88
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool
MITREへのリンク →

BlackByte

Score: 7.06
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1614.001 - System Language Discovery
MITREへのリンク →

Rocke

Score: 5.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1027.004 - Compile After Delivery
MITREへのリンク →

BackdoorDiplomacy

Score: 4.78
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

GOLD SOUTHFIELD

Score: 7.68
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566 - Phishing
  • T1195.002 - Compromise Software Supply Chain
MITREへのリンク →

Medusa Group

Score: 20.56
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1218.014 - MMC
MITREへのリンク →

Sea Turtle

Score: 10.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Storm-0501

Score: 7.61
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
MITREへのリンク →

Fox Kitten

Score: 5.31
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1213.005 - Messaging Applications
MITREへのリンク →

Agrius

Score: 3.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
MITREへのリンク →

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

INC Ransom

Score: 11.75
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1074 - Data Staged
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
MITREへのリンク →

Axiom

Score: 9.87
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection
MITREへのリンク →

SilverTerrier

Score: 5.81
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1657 - Financial Theft
MITREへのリンク →

LAPSUS$

Score: 17.65
Matched TTPs:
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1213.005 - Messaging Applications
MITREへのリンク →

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
MITREへのリンク →

POLONIUM

Score: 5.26
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.84
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1593.002 - Search Engines
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1587.001 - Malware
  • T1598 - Phishing for Information
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1585.002 - Email Accounts
  • T1566 - Phishing
  • T1593.001 - Social Media
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
MITREへのリンク →

Sandworm Team

Score: 0.83
Matched TTPs:
  • T1036 - Masquerading
  • T1195 - Supply Chain Compromise
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1190 - Exploit Public-Facing Application
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1195.002 - Compromise Software Supply Chain
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1491.002 - External Defacement
  • T1585.002 - Email Accounts
  • T1566.002 - Spearphishing Link
  • T1592.002 - Software
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1591.002 - Business Relationships
MITREへのリンク →

APT28

Score: 0.79
Matched TTPs:
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1001.001 - Junk Data
  • T1588.002 - Tool
  • T1546.015 - Component Object Model Hijacking
  • T1598 - Phishing for Information
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1071.003 - Mail Protocols
  • T1090.003 - Multi-hop Proxy
  • T1221 - Template Injection
  • T1498 - Network Denial of Service
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Volt Typhoon

Score: 0.78
Matched TTPs:
  • T1074 - Data Staged
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1069 - Permission Groups Discovery
  • T1590 - Gather Victim Network Information
  • T1090.003 - Multi-hop Proxy
  • T1090.001 - Internal Proxy
  • T1007 - System Service Discovery
  • T1596.005 - Scan Databases
  • T1016.001 - Internet Connection Discovery
  • T1584.005 - Botnet
  • T1589.002 - Email Addresses
  • T1592 - Gather Victim Host Information
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Scattered Spider

Score: 0.63
Matched TTPs:
  • T1074 - Data Staged
  • T1588.002 - Tool
  • T1598.004 - Spearphishing Voice
  • T1069 - Permission Groups Discovery
  • T1213.005 - Messaging Applications
  • T1598 - Phishing for Information
  • T1598.003 - Spearphishing Link
  • T1657 - Financial Theft
  • T1564.008 - Email Hiding Rules
  • T1114 - Email Collection
  • T1588.001 - Malware
MITREへのリンク →

Contagious Interview

Score: 0.62
Matched TTPs:
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1593.001 - Social Media
  • T1204.004 - Malicious Copy and Paste
  • T1588.002 - Tool
  • T1587.001 - Malware
  • T1588.007 - Artificial Intelligence
  • T1657 - Financial Theft
  • T1071.003 - Mail Protocols
  • T1566.003 - Spearphishing via Service
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1681 - Search Threat Vendor Data
MITREへのリンク →

Magic Hound

Score: 0.59
Matched TTPs:
  • T1583.006 - Web Services
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1598.003 - Spearphishing Link
  • T1566.003 - Spearphishing via Service
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1114 - Email Collection
  • T1102.002 - Bidirectional Communication
  • T1589.002 - Email Addresses
  • T1585.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る