Trusted Design

MANITSME (FAMILY)

Overview

This family of malware will beacon out at random intervals to the remote attacker. The attacker can run programs, execute arbitrary commands, and easily upload and download files. This IOC looks for both the dropper file and the backdoor.

Created: 2026-02-23

Indicators

No indicators have been found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Winnti Group

Score: 3.29
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood

APT41

Score: 14.90
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood
  • T1584.003 - Virtual Private Server
  • T1048 - Exfiltration Over Alternative Protocol
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Rocke

Score: 6.04
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood
  • T1059.010 - AutoHotKey & AutoIT
  • T1556.005 - Reversible Encryption

TeamTNT

Score: 14.82
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1556.005 - Reversible Encryption

APT28

Score: 19.59
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood
  • T1552.005 - Cloud Instance Metadata API
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1542.004 - ROMMONkit
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

UNC3886

Score: 6.87
Matched TTPs:
  • T1499.001 - OS Exhaustion Flood
  • T1606.002 - SAML Tokens
  • T1218.010 - Regsvr32

OilRig

Score: 24.95
Matched TTPs:
  • T1552.005 - Cloud Instance Metadata API
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1048 - Exfiltration Over Alternative Protocol
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion

Gamaredon Group

Score: 19.42
Matched TTPs:
  • T1552.005 - Cloud Instance Metadata API
  • T1591.003 - Identify Business Tempo
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1542.004 - ROMMONkit
  • T1556.005 - Reversible Encryption
  • T1546.017 - Udev Rules

Turla

Score: 12.44
Matched TTPs:
  • T1552.005 - Cloud Instance Metadata API
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1556.005 - Reversible Encryption

Kimsuky

Score: 14.21
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion

FIN13

Score: 11.90
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion

Moonstone Sleet

Score: 9.22
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption
  • T1027.007 - Dynamic API Resolution

Indrik Spider

Score: 6.27
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1622 - Debugger Evasion

Lazarus Group

Score: 16.86
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1174 - Password Filter DLL
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1055.005 - Thread Local Storage
  • T1622 - Debugger Evasion

Contagious Interview

Score: 10.79
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.006 - Python

LuminousMoth

Score: 6.70
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption

Sandworm Team

Score: 21.88
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1218.010 - Regsvr32
  • T1075 - Pass the Hash
  • T1556.005 - Reversible Encryption

APT29

Score: 11.34
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1555.004 - Windows Credential Manager

Aoqin Dragon

Score: 5.78
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.010 - Regsvr32

RedCurl

Score: 11.20
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1591.003 - Identify Business Tempo
  • T1584.003 - Virtual Private Server
  • T1542.004 - ROMMONkit
  • T1556.005 - Reversible Encryption

Moses Staff

Score: 3.86
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1555.003 - Credentials from Web Browsers

Ke3chang

Score: 11.22
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1556.005 - Reversible Encryption
  • T1027.007 - Dynamic API Resolution

Mustang Panda

Score: 14.22
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1055.005 - Thread Local Storage

FIN7

Score: 11.13
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Darkhotel

Score: 6.50
Matched TTPs:
  • T1591.003 - Identify Business Tempo
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32

BRONZE BUTLER

Score: 16.88
Matched TTPs:
  • T1591.003 - Identify Business Tempo
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1542.004 - ROMMONkit
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

Cinnamon Tempest

Score: 5.01
Matched TTPs:
  • T1591.003 - Identify Business Tempo
  • T1059.010 - AutoHotKey & AutoIT

Aquatic Panda

Score: 5.62
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1622 - Debugger Evasion

Chimera

Score: 10.79
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1542.004 - ROMMONkit
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Earth Lusca

Score: 6.06
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media

Volt Typhoon

Score: 12.57
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1622 - Debugger Evasion

admin@338

Score: 4.02
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1218.010 - Regsvr32

APT1

Score: 5.62
Matched TTPs:
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1622 - Debugger Evasion

APT39

Score: 10.01
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

HAFNIUM

Score: 8.02
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1049 - System Network Connections Discovery
  • T1556.005 - Reversible Encryption

Axiom

Score: 12.75
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1049 - System Network Connections Discovery
  • T1218.010 - Regsvr32
  • T1622 - Debugger Evasion
  • T1160 - Launch Daemon

Fox Kitten

Score: 7.89
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1542.004 - ROMMONkit
  • T1622 - Debugger Evasion

GALLIUM

Score: 6.50
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1174 - Password Filter DLL

Agrius

Score: 8.61
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1622 - Debugger Evasion

FIN6

Score: 5.49
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

APT37

Score: 4.13
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

Dragonfly

Score: 6.35
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1622 - Debugger Evasion

CURIUM

Score: 3.21
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers

Inception

Score: 4.13
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

Patchwork

Score: 4.59
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1218.010 - Regsvr32
  • T1622 - Debugger Evasion

APT3

Score: 4.59
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1218.010 - Regsvr32
  • T1622 - Debugger Evasion

Threat Group-3390

Score: 16.72
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1546.017 - Udev Rules

Ember Bear

Score: 6.89
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32

APT38

Score: 19.63
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1555.003 - Credentials from Web Browsers
  • T1048 - Exfiltration Over Alternative Protocol
  • T1174 - Password Filter DLL
  • T1556.005 - Reversible Encryption
  • T1059.005 - Visual Basic
  • T1027.007 - Dynamic API Resolution

menuPass

Score: 13.17
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1542.004 - ROMMONkit
  • T1174 - Password Filter DLL
  • T1622 - Debugger Evasion

Wizard Spider

Score: 6.68
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Magic Hound

Score: 6.05
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion

Dark Caracal

Score: 6.07
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1048 - Exfiltration Over Alternative Protocol
  • T1556.005 - Reversible Encryption

Molerats

Score: 4.72
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1546.017 - Udev Rules

Storm-1811

Score: 3.75
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets

ZIRCONIUM

Score: 3.75
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets

MuddyWater

Score: 8.38
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1518.002 - Backup Software Discovery
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

TA505

Score: 4.73
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption

Winter Vivern

Score: 4.94
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1558 - Steal or Forge Kerberos Tickets
  • T1556.005 - Reversible Encryption

BlackByte

Score: 10.54
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Leviathan

Score: 9.63
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1622 - Debugger Evasion
  • T1546.017 - Udev Rules

Tropic Trooper

Score: 6.01
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

Higaisa

Score: 7.40
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1546.017 - Udev Rules

TA2541

Score: 5.12
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1546.017 - Udev Rules

LazyScripter

Score: 4.16
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets

BITTER

Score: 4.65
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

APT32

Score: 14.29
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1555.003 - Credentials from Web Browsers
  • T1174 - Password Filter DLL
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1027.007 - Dynamic API Resolution

HEXANE

Score: 3.62
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1622 - Debugger Evasion

Saint Bear

Score: 3.47
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32

EXOTIC LILY

Score: 3.47
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32

APT42

Score: 3.16
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1556.005 - Reversible Encryption

Windshift

Score: 3.37
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1556.005 - Reversible Encryption

TA551

Score: 3.37
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1556.005 - Reversible Encryption

Cobalt Group

Score: 8.46
Matched TTPs:
  • T1518.002 - Backup Software Discovery
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion

Medusa Group

Score: 15.67
Matched TTPs:
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution
  • T1094 - Custom Command and Control Protocol

Tonto Team

Score: 3.26
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32

APT5

Score: 3.41
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1622 - Debugger Evasion

Sea Turtle

Score: 4.45
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption

Silence

Score: 7.48
Matched TTPs:
  • T1048 - Exfiltration Over Alternative Protocol
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Sowbug

Score: 3.03
Matched TTPs:
  • T1542.004 - ROMMONkit

Daggerfly

Score: 4.47
Matched TTPs:
  • T1174 - Password Filter DLL
  • T1556.005 - Reversible Encryption

INC Ransom

Score: 4.05
Matched TTPs:
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Blue Mockingbird

Score: 4.05
Matched TTPs:
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Mofang

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules

Threat actors related to this Pulse (inference-based)

OilRig

Score: 0.80
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1048 - Exfiltration Over Alternative Protocol
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1552.005 - Cloud Instance Metadata API
  • T1622 - Debugger Evasion
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1558 - Steal or Forge Kerberos Tickets
  • T1606.002 - SAML Tokens

Sandworm Team

Score: 0.73
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1049 - System Network Connections Discovery
  • T1584.003 - Virtual Private Server
  • T1558 - Steal or Forge Kerberos Tickets
  • T1075 - Pass the Hash
  • T1606.002 - SAML Tokens

APT28

Score: 0.67
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1542.004 - ROMMONkit
  • T1552.005 - Cloud Instance Metadata API
  • T1584.003 - Virtual Private Server
  • T1558 - Steal or Forge Kerberos Tickets
  • T1499.001 - OS Exhaustion Flood

Gamaredon Group

Score: 0.66
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1542.004 - ROMMONkit
  • T1546.017 - Udev Rules
  • T1552.005 - Cloud Instance Metadata API
  • T1584.003 - Virtual Private Server
  • T1591.003 - Identify Business Tempo

APT38

Score: 0.64
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1174 - Password Filter DLL
  • T1048 - Exfiltration Over Alternative Protocol
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1059.005 - Visual Basic
  • T1584.003 - Virtual Private Server
  • T1027.007 - Dynamic API Resolution

Threat Group-3390

Score: 0.59
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1218.003 - CMSTP
  • T1546.017 - Udev Rules
  • T1584.003 - Virtual Private Server

BRONZE BUTLER

Score: 0.58
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1542.004 - ROMMONkit
  • T1003.007 - Proc Filesystem
  • T1584.003 - Virtual Private Server
  • T1558 - Steal or Forge Kerberos Tickets
  • T1591.003 - Identify Business Tempo

Medusa Group

Score: 0.57
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1556.005 - Reversible Encryption
  • T1094 - Custom Command and Control Protocol
  • T1218.003 - CMSTP
  • T1622 - Debugger Evasion
  • T1027.007 - Dynamic API Resolution

Lazarus Group

Score: 0.57
Matched TTPs:
  • T1174 - Password Filter DLL
  • T1218.010 - Regsvr32
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1622 - Debugger Evasion
  • T1584.003 - Virtual Private Server
  • T1606.002 - SAML Tokens
  • T1055.005 - Thread Local Storage

TeamTNT

Score: 0.55
Matched TTPs:
  • T1556.005 - Reversible Encryption
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1003.007 - Proc Filesystem
  • T1558 - Steal or Forge Kerberos Tickets
  • T1499.001 - OS Exhaustion Flood
  • T1606.002 - SAML Tokens

Related CVEs

No CVEs were found for this Pulse.

Pulse – Threat Actor Graph

