Trusted Design

HEUR:Trojan-Downloader.Script.Generic

Overview

Programs classified as Trojan-Downloader download and install new versions of malicious programs, including Trojans and AdWare, on victim computers. Once downloaded from the Internet, the programs are launched or added to a list of programs that run automatically when the operating system boots up. Information about the names and locations of the programs to be downloaded is either contained in the Trojan code or downloaded by the Trojan from an Internet resource (usually a web page). This type of malicious program is frequently used in the initial infection of visitors to websites which contain exploits.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 54.83
Matched TTPs:
  • T1036.007 - Double File Extension
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1176.001 - Browser Extensions
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1027.012 - LNK Icon Smuggling
  • T1546.001 - Change Default File Association
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1518.001 - Security Software Discovery
  • T1059.006 - Python
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
  • T1588.005 - Exploits
Link to MITRE →

Mustang Panda

Score: 43.40
Matched TTPs:
  • T1036.007 - Double File Extension
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1218.005 - Mshta
  • T1027.012 - LNK Icon Smuggling
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link
Link to MITRE →

Mustard Tempest

Score: 11.86
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

APT42

Score: 10.71
Matched TTPs:
  • T1547 - Boot or Logon Autostart Execution
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
Link to MITRE →

FIN13

Score: 11.31
Matched TTPs:
  • T1587.001 - Malware
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Moonstone Sleet

Score: 16.58
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1027 - Obfuscated Files or Information
  • T1195.002 - Compromise Software Supply Chain
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Indrik Spider

Score: 3.66
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Lazarus Group

Score: 42.77
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218 - System Binary Proxy Execution
  • T1547.009 - Shortcut Modification
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1680 - Local Storage Discovery
  • T1529 - System Shutdown/Reboot
Link to MITRE →

Contagious Interview

Score: 22.05
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1059.006 - Python
  • T1543.001 - Launch Agent
  • T1070.004 - File Deletion
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
Link to MITRE →

OilRig

Score: 30.55
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

UNC3886

Score: 11.86
Matched TTPs:
  • T1587.001 - Malware
  • T1588.001 - Malware
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1070.004 - File Deletion
Link to MITRE →

LuminousMoth

Score: 15.73
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Sandworm Team

Score: 29.70
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

APT29

Score: 26.18
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1553.005 - Mark-of-the-Web Bypass
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1027.006 - HTML Smuggling
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Play

Score: 7.00
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Aoqin Dragon

Score: 12.50
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1091 - Replication Through Removable Media
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
Link to MITRE →

RedCurl

Score: 12.57
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
  • T1059.006 - Python
  • T1070.004 - File Deletion
  • T1204.001 - Malicious Link
Link to MITRE →

Moses Staff

Score: 3.72
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Turla

Score: 16.56
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1059.006 - Python
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Ke3chang

Score: 9.51
Matched TTPs:
  • T1587.001 - Malware
  • T1543.003 - Windows Service
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TeamTNT

Score: 18.70
Matched TTPs:
  • T1587.001 - Malware
  • T1543.003 - Windows Service
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
Link to MITRE →

FIN7

Score: 32.74
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1497.002 - User Activity Based Checks
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Malteiro

Score: 5.13
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1518.001 - Security Software Discovery
Link to MITRE →

APT12

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Machete

Score: 11.86
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1059.006 - Python
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Elderwood

Score: 10.56
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Transparent Tribe

Score: 7.73
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Dragonfly

Score: 16.82
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

WIRTE

Score: 7.60
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer
Link to MITRE →

RTM

Score: 5.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1189 - Drive-by Compromise
Link to MITRE →

APT-C-36

Score: 7.67
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
Link to MITRE →

CURIUM

Score: 3.43
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
Link to MITRE →

Gallmaker

Score: 3.95
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
Link to MITRE →

Tropic Trooper

Score: 21.06
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
Link to MITRE →

Dark Caracal

Score: 8.05
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.001 - Compiled HTML File
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
Link to MITRE →

PLATINUM

Score: 10.93
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1056.004 - Credential API Hooking
Link to MITRE →

menuPass

Score: 13.44
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TA551

Score: 9.71
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer
Link to MITRE →

HEXANE

Score: 7.13
Matched TTPs:
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

FIN8

Score: 9.38
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Threat Group-3390

Score: 24.25
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
Link to MITRE →

BITTER

Score: 8.85
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT37

Score: 13.95
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot
Link to MITRE →

LazyScripter

Score: 14.21
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

PROMETHIUM

Score: 6.58
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1036.004 - Masquerade Task or Service
  • T1189 - Drive-by Compromise
Link to MITRE →

TA505

Score: 21.28
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1553.005 - Mark-of-the-Web Bypass
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

APT39

Score: 26.14
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.009 - Shortcut Modification
  • T1588.002 - Tool
  • T1059.006 - Python
  • T1546.010 - AppInit DLLs
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Star Blizzard

Score: 4.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
Link to MITRE →

Higaisa

Score: 11.39
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
  • T1680 - Local Storage Discovery
Link to MITRE →

Rancor

Score: 5.72
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Wizard Spider

Score: 13.41
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Magic Hound

Score: 17.93
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

FIN4

Score: 4.47
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
Link to MITRE →

Cobalt Group

Score: 18.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Storm-1811

Score: 12.97
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1036.010 - Masquerade Account Name
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Inception

Score: 11.84
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
Link to MITRE →

EXOTIC LILY

Score: 7.94
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

Saint Bear

Score: 8.54
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
Link to MITRE →

FIN6

Score: 5.99
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1070.004 - File Deletion
Link to MITRE →

Patchwork

Score: 19.26
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
Link to MITRE →

Whitefly

Score: 4.15
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TA459

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Nomadic Octopus

Score: 4.63
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT28

Score: 20.61
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1546.015 - Component Object Model Hijacking
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Gorgon Group

Score: 8.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.009 - Shortcut Modification
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT19

Score: 12.26
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise
Link to MITRE →

TA2541

Score: 16.82
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Earth Lusca

Score: 22.85
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1059.006 - Python
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

SideCopy

Score: 17.27
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1614 - System Location Discovery
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Mofang

Score: 4.47
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
Link to MITRE →

Leviathan

Score: 16.44
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.009 - Shortcut Modification
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Tonto Team

Score: 8.01
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Andariel

Score: 12.00
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

BRONZE BUTLER

Score: 18.50
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1059.006 - Python
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT38

Score: 42.89
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1217 - Browser Information Discovery
  • T1553.005 - Mark-of-the-Web Bypass
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1036.003 - Rename Legitimate Utilities
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1036.006 - Space after Filename
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1529 - System Shutdown/Reboot
Link to MITRE →

MuddyWater

Score: 23.84
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery
  • T1059.006 - Python
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Naikon

Score: 7.39
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1036.004 - Masquerade Task or Service
  • T1518.001 - Security Software Discovery
Link to MITRE →

Molerats

Score: 10.10
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

admin@338

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Gamaredon Group

Score: 26.60
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1027.012 - LNK Icon Smuggling
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Darkhotel

Score: 16.33
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT32

Score: 29.03
Matched TTPs:
  • T1204.002 - Malicious File
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

The White Company

Score: 8.49
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
Link to MITRE →

IndigoZebra

Score: 3.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT33

Score: 7.59
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Silence

Score: 8.11
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Sidewinder

Score: 15.46
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Confucius

Score: 11.91
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
Link to MITRE →

BlackTech

Score: 8.55
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

Windshift

Score: 16.13
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1027 - Obfuscated Files or Information
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Medusa Group

Score: 21.19
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC
Link to MITRE →

Aquatic Panda

Score: 13.13
Matched TTPs:
  • T1543.003 - Windows Service
  • T1574.001 - DLL
  • T1588.001 - Malware
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT41

Score: 21.85
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.001 - Spearphishing Attachment
  • T1574.001 - DLL
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1218.001 - Compiled HTML File
  • T1027 - Obfuscated Files or Information
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Blue Mockingbird

Score: 5.53
Matched TTPs:
  • T1543.003 - Windows Service
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
Link to MITRE →

BlackByte

Score: 9.53
Matched TTPs:
  • T1543.003 - Windows Service
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Carbanak

Score: 4.88
Matched TTPs:
  • T1543.003 - Windows Service
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
Link to MITRE →

APT3

Score: 18.09
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Agrius

Score: 5.69
Matched TTPs:
  • T1543.003 - Windows Service
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
Link to MITRE →

Cinnamon Tempest

Score: 9.20
Matched TTPs:
  • T1543.003 - Windows Service
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1059.006 - Python
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Evilnum

Score: 6.70
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

APT1

Score: 5.63
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1588.002 - Tool
Link to MITRE →

ZIRCONIUM

Score: 17.11
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1218.007 - Msiexec
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1036.004 - Masquerade Task or Service
  • T1059.006 - Python
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Winter Vivern

Score: 10.63
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1036.004 - Masquerade Task or Service
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Chimera

Score: 10.86
Matched TTPs:
  • T1574.001 - DLL
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
Link to MITRE →

GALLIUM

Score: 10.99
Matched TTPs:
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1036.003 - Rename Legitimate Utilities
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Daggerfly

Score: 11.85
Matched TTPs:
  • T1574.001 - DLL
  • T1195.002 - Compromise Software Supply Chain
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

BackdoorDiplomacy

Score: 10.20
Matched TTPs:
  • T1574.001 - DLL
  • T1588.001 - Malware
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Volt Typhoon

Score: 23.76
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218 - System Binary Proxy Execution
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1614 - System Location Discovery
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
Link to MITRE →

Rocke

Score: 15.93
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1027 - Obfuscated Files or Information
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery
  • T1059.006 - Python
  • T1070.004 - File Deletion
  • T1027.002 - Software Packing
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Ember Bear

Score: 15.50
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1070.004 - File Deletion
  • T1588.005 - Exploits
Link to MITRE →

Fox Kitten

Score: 6.16
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1036.004 - Masquerade Task or Service
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Scattered Spider

Score: 11.50
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

LAPSUS$

Score: 7.44
Matched TTPs:
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
Link to MITRE →

Metador

Score: 5.47
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Equation

Score: 8.67
Matched TTPs:
  • T1542.002 - Component Firmware
  • T1564.005 - Hidden File System
Link to MITRE →

Storm-0501

Score: 8.79
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1218.010 - Regsvr32
  • T1518.001 - Security Software Discovery
  • T1027.002 - Software Packing
Link to MITRE →

Sea Turtle

Score: 5.96
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
Link to MITRE →

INC Ransom

Score: 3.01
Matched TTPs:
  • T1588.002 - Tool
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Axiom

Score: 12.33
Matched TTPs:
  • T1553 - Subvert Trust Controls
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography
Link to MITRE →

ToddyCat

Score: 4.73
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1680 - Local Storage Discovery
Link to MITRE →

Windigo

Score: 4.51
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
Link to MITRE →

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.76
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
  • T1027.002 - Software Packing
  • T1036.004 - Masquerade Task or Service
  • T1566.001 - Spearphishing Attachment
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1608.001 - Upload Malware
  • T1059.006 - Python
  • T1566.002 - Spearphishing Link
  • T1176.001 - Browser Extensions
  • T1027.012 - LNK Icon Smuggling
  • T1546.001 - Change Default File Association
  • T1027 - Obfuscated Files or Information
  • T1543.003 - Windows Service
  • T1680 - Local Storage Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1588.005 - Exploits
  • T1587.001 - Malware
  • T1036.007 - Double File Extension
Link to MITRE →

APT38

Score: 0.64
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
  • T1218.007 - Msiexec
  • T1027.002 - Software Packing
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1553.005 - Mark-of-the-Web Bypass
  • T1070.004 - File Deletion
  • T1218.001 - Compiled HTML File
  • T1588.002 - Tool
  • T1543.003 - Windows Service
  • T1217 - Browser Information Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036.006 - Space after Filename
  • T1036.003 - Rename Legitimate Utilities
  • T1529 - System Shutdown/Reboot
Link to MITRE →

Mustang Panda

Score: 0.62
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1608.001 - Upload Malware
  • T1566.002 - Spearphishing Link
  • T1027.012 - LNK Icon Smuggling
  • T1518 - Software Discovery
  • T1027 - Obfuscated Files or Information
  • T1140 - Deobfuscate/Decode Files or Information
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1176.002 - IDE Extensions
  • T1091 - Replication Through Removable Media
  • T1587.001 - Malware
  • T1036.007 - Double File Extension
Link to MITRE →

Lazarus Group

Score: 0.60
Matched TTPs:
  • T1204.002 - Malicious File
  • T1218.005 - Mshta
  • T1036.004 - Masquerade Task or Service
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1566.002 - Spearphishing Link
  • T1218 - System Binary Proxy Execution
  • T1547.009 - Shortcut Modification
  • T1543.003 - Windows Service
  • T1680 - Local Storage Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1036.003 - Rename Legitimate Utilities
  • T1587.001 - Malware
  • T1529 - System Shutdown/Reboot
Link to MITRE →

Related CVEs

No CVEs were found for this Pulse.
