Pulse Detail-

TABMSGSQL (FAMILY)

概要

This malware family is a full-featured backdoor capable of file uploading and downloading, arbitrary execution of programs, and providing a remote interactive command shell. All communications with the C2 server are sent over HTTP to a static URL, appending various URL parameters to the request. Some variants use a slightly different URL. The C2 server appears to act as just a database, allowing the clients to craft and execute SQL statements of their choosing. The malware also implements a special mode that provides full administrative access to the C2 server. This includes displaying the status of clients who have checked in with the C2 server, queuing commands to any client, and uploading or downloading files to the C2 server.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

WEBC2-RAVE (FAMILY) (score: 0.67)
WEBC2-UGX (FAMILY) (score: 0.67)
WEBC2-BOLID (FAMILY) (score: 0.67)
COOKIEBAG (FAMILY) (score: 0.67)
WEBC2-CLOVER (FAMILY) (score: 0.66)

このPulseに関連する脅威アクター (事実ベース)

Magic Hound

Score: 11.51

Matched TTPs:

T1099 - Timestomp
T1555.003 - Credentials from Web Browsers
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion

MITREへのリンク →

HEXANE

Score: 8.76

Matched TTPs:

T1099 - Timestomp
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1622 - Debugger Evasion

MITREへのリンク →

APT29

Score: 17.83

Matched TTPs:

T1099 - Timestomp
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1218.010 - Regsvr32
T1218.009 - Regsvcs/Regasm
T1555.004 - Windows Credential Manager

MITREへのリンク →

Gamaredon Group

Score: 22.71

Matched TTPs:

T1099 - Timestomp
T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1554 - Compromise Host Software Binary
T1542.004 - ROMMONkit
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1546.017 - Udev Rules

MITREへのリンク →

TA2541

Score: 7.87

Matched TTPs:

T1099 - Timestomp
T1091 - Replication Through Removable Media
T1546.017 - Udev Rules

MITREへのリンク →

FIN13

Score: 11.26

Matched TTPs:

T1099 - Timestomp
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

HAFNIUM

Score: 8.04

Matched TTPs:

T1099 - Timestomp
T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1548.006 - TCC Manipulation

MITREへのリンク →

Turla

Score: 12.19

Matched TTPs:

T1099 - Timestomp
T1059.010 - AutoHotKey & AutoIT
T1612 - Build Image on Host
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Volt Typhoon

Score: 10.07

Matched TTPs:

T1099 - Timestomp
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN8

Score: 15.39

Matched TTPs:

T1099 - Timestomp
T1027.017 - SVG Smuggling
T1612 - Build Image on Host
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1556 - Modify Authentication Process

MITREへのリンク →

BRONZE BUTLER

Score: 12.33

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1542.004 - ROMMONkit
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1008 - Fallback Channels

MITREへのリンク →

APT39

Score: 13.71

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

WIRTE

Score: 5.50

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption

MITREへのリンク →

Kimsuky

Score: 16.57

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1027.014 - Polymorphic Code
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1008 - Fallback Channels

MITREへのリンク →

Moonstone Sleet

Score: 7.13

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1556.005 - Reversible Encryption
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Mustang Panda

Score: 19.73

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1612 - Build Image on Host
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation
T1556 - Modify Authentication Process

MITREへのリンク →

Agrius

Score: 4.98

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1622 - Debugger Evasion

MITREへのリンク →

Ke3chang

Score: 7.49

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1556.005 - Reversible Encryption
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT38

Score: 12.12

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1048 - Exfiltration Over Alternative Protocol
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Molerats

Score: 4.72

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1546.017 - Udev Rules

MITREへのリンク →

Darkhotel

Score: 4.83

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Earth Lusca

Score: 5.31

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI

MITREへのリンク →

ZIRCONIUM

Score: 3.97

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1547.002 - Authentication Package

MITREへのリンク →

MuddyWater

Score: 13.53

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1518.002 - Backup Software Discovery
T1547.011 - Plist Modification
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

OilRig

Score: 23.80

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1048 - Exfiltration Over Alternative Protocol
T1218.010 - Regsvr32
T1592.002 - Software
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1055.015 - ListPlanting
T1556 - Modify Authentication Process

MITREへのリンク →

TA505

Score: 4.73

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1556.005 - Reversible Encryption

MITREへのリンク →

Threat Group-3390

Score: 12.90

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1546.017 - Udev Rules

MITREへのリンク →

APT28

Score: 22.84

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1542.004 - ROMMONkit
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1548.006 - TCC Manipulation
T1546.007 - Netsh Helper DLL

MITREへのリンク →

FIN7

Score: 13.42

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution
T1055.015 - ListPlanting

MITREへのリンク →

TeamTNT

Score: 7.25

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1556.005 - Reversible Encryption

MITREへのリンク →

Winter Vivern

Score: 4.52

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

menuPass

Score: 11.34

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1547.011 - Plist Modification
T1542.004 - ROMMONkit
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Lazarus Group

Score: 23.12

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1547.011 - Plist Modification
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1055.005 - Thread Local Storage
T1622 - Debugger Evasion
T1055.015 - ListPlanting
T1556 - Modify Authentication Process

MITREへのリンク →

BlackByte

Score: 10.54

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Leviathan

Score: 18.27

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1554 - Compromise Host Software Binary
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1622 - Debugger Evasion
T1546.017 - Udev Rules

MITREへのリンク →

Rocke

Score: 8.56

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1612 - Build Image on Host
T1556.005 - Reversible Encryption
T1008 - Fallback Channels

MITREへのリンク →

Tropic Trooper

Score: 6.01

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

Sandworm Team

Score: 12.73

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1548.006 - TCC Manipulation

MITREへのリンク →

APT19

Score: 7.27

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1027.014 - Polymorphic Code
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Higaisa

Score: 7.40

Matched TTPs:

T1059.010 - AutoHotKey & AutoIT
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1546.017 - Udev Rules

MITREへのリンク →

LuminousMoth

Score: 3.16

Matched TTPs:

T1091 - Replication Through Removable Media
T1556.005 - Reversible Encryption

MITREへのリンク →

Mustard Tempest

Score: 3.74

Matched TTPs:

T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI

MITREへのリンク →

LazyScripter

Score: 4.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host

MITREへのリンク →

BITTER

Score: 4.65

Matched TTPs:

T1091 - Replication Through Removable Media
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

APT32

Score: 18.60

Matched TTPs:

T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1612 - Build Image on Host
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1218.010 - Regsvr32

MITREへのリンク →

Contagious Interview

Score: 4.72

Matched TTPs:

T1091 - Replication Through Removable Media
T1556 - Modify Authentication Process

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1218.010 - Regsvr32

MITREへのリンク →

APT42

Score: 5.68

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1556.005 - Reversible Encryption

MITREへのリンク →

Cobalt Group

Score: 15.75

Matched TTPs:

T1518.002 - Backup Software Discovery
T1598.004 - Spearphishing Voice
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion

MITREへのリンク →

CURIUM

Score: 3.53

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1059.012 - Hypervisor CLI

MITREへのリンク →

Dragonfly

Score: 9.01

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Deep Panda

Score: 4.51

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1027.014 - Polymorphic Code

MITREへのリンク →

GALLIUM

Score: 4.51

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification

MITREへのリンク →

Ember Bear

Score: 3.26

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1218.010 - Regsvr32

MITREへのリンク →

Fox Kitten

Score: 11.31

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1612 - Build Image on Host
T1542.004 - ROMMONkit
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Tonto Team

Score: 6.01

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1218.010 - Regsvr32

MITREへのリンク →

APT5

Score: 3.41

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1622 - Debugger Evasion

MITREへのリンク →

Medusa Group

Score: 13.88

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Sea Turtle

Score: 4.45

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

APT3

Score: 5.89

Matched TTPs:

T1547.011 - Plist Modification
T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

Silence

Score: 10.23

Matched TTPs:

T1547.011 - Plist Modification
T1048 - Exfiltration Over Alternative Protocol
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

RedCurl

Score: 6.74

Matched TTPs:

T1612 - Build Image on Host
T1542.004 - ROMMONkit
T1556.005 - Reversible Encryption

MITREへのリンク →

Inception

Score: 7.95

Matched TTPs:

T1612 - Build Image on Host
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

FIN6

Score: 11.66

Matched TTPs:

T1612 - Build Image on Host
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

Dark Caracal

Score: 6.39

Matched TTPs:

T1048 - Exfiltration Over Alternative Protocol
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

APT41

Score: 19.23

Matched TTPs:

T1048 - Exfiltration Over Alternative Protocol
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution
T1055.015 - ListPlanting
T1008 - Fallback Channels

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1542.004 - ROMMONkit

MITREへのリンク →

Chimera

Score: 10.61

Matched TTPs:

T1542.004 - ROMMONkit
T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution

MITREへのリンク →

TA551

Score: 3.93

Matched TTPs:

T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption

MITREへのリンク →

Blue Mockingbird

Score: 6.79

Matched TTPs:

T1027.014 - Polymorphic Code
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT37

Score: 6.84

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 8.19

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1622 - Debugger Evasion
T1008 - Fallback Channels

MITREへのリンク →

Axiom

Score: 9.44

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1622 - Debugger Evasion
T1160 - Launch Daemon

MITREへのリンク →

UNC3886

Score: 4.93

Matched TTPs:

T1218.010 - Regsvr32
T1055.015 - ListPlanting

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT33

Score: 5.43

Matched TTPs:

T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

RTM

Score: 5.05

Matched TTPs:

T1059.012 - Hypervisor CLI
T1008 - Fallback Channels

MITREへのリンク →

Wizard Spider

Score: 10.32

Matched TTPs:

T1556.005 - Reversible Encryption
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

INC Ransom

Score: 4.05

Matched TTPs:

T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Scattered Spider

Score: 3.99

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

OilRig

Score: 0.77

Matched TTPs:

T1218.010 - Regsvr32
T1059.010 - AutoHotKey & AutoIT
T1622 - Debugger Evasion
T1555.003 - Credentials from Web Browsers
T1048 - Exfiltration Over Alternative Protocol
T1091 - Replication Through Removable Media
T1556 - Modify Authentication Process
T1592.002 - Software
T1055.015 - ListPlanting
T1556.005 - Reversible Encryption

MITREへのリンク →

Lazarus Group

Score: 0.76

Matched TTPs:

T1059.012 - Hypervisor CLI
T1055.005 - Thread Local Storage
T1218.010 - Regsvr32
T1059.010 - AutoHotKey & AutoIT
T1622 - Debugger Evasion
T1556 - Modify Authentication Process
T1547.002 - Authentication Package
T1055.015 - ListPlanting
T1547.011 - Plist Modification
T1556.005 - Reversible Encryption

MITREへのリンク →

APT28

Score: 0.75

Matched TTPs:

T1059.012 - Hypervisor CLI
T1548.006 - TCC Manipulation
T1218.010 - Regsvr32
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1542.004 - ROMMONkit
T1547.002 - Authentication Package
T1547.011 - Plist Modification
T1556.005 - Reversible Encryption
T1546.007 - Netsh Helper DLL

MITREへのリンク →

Gamaredon Group

Score: 0.74

Matched TTPs:

T1554 - Compromise Host Software Binary
T1059.010 - AutoHotKey & AutoIT
T1546.017 - Udev Rules
T1091 - Replication Through Removable Media
T1542.004 - ROMMONkit
T1547.002 - Authentication Package
T1099 - Timestomp
T1612 - Build Image on Host
T1556.005 - Reversible Encryption

MITREへのリンク →

APT41

Score: 0.66

Matched TTPs:

T1548.006 - TCC Manipulation
T1622 - Debugger Evasion
T1218.010 - Regsvr32
T1048 - Exfiltration Over Alternative Protocol
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1055.015 - ListPlanting
T1556.005 - Reversible Encryption

MITREへのリンク →

APT32

Score: 0.64

Matched TTPs:

T1059.012 - Hypervisor CLI
T1218.010 - Regsvr32
T1555.003 - Credentials from Web Browsers
T1091 - Replication Through Removable Media
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process
T1027.014 - Polymorphic Code
T1612 - Build Image on Host
T1556.005 - Reversible Encryption

MITREへのリンク →

Mustang Panda

Score: 0.63

Matched TTPs:

T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation
T1218.010 - Regsvr32
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1091 - Replication Through Removable Media
T1556 - Modify Authentication Process
T1612 - Build Image on Host
T1556.005 - Reversible Encryption

MITREへのリンク →

Leviathan

Score: 0.62

Matched TTPs:

T1059.012 - Hypervisor CLI
T1218.010 - Regsvr32
T1554 - Compromise Host Software Binary
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1622 - Debugger Evasion
T1546.017 - Udev Rules
T1027.014 - Polymorphic Code

MITREへのリンク →

APT29

Score: 0.60

Matched TTPs:

T1218.010 - Regsvr32
T1555.003 - Credentials from Web Browsers
T1218.009 - Regsvcs/Regasm
T1555.004 - Windows Credential Manager
T1099 - Timestomp
T1547.011 - Plist Modification

MITREへのリンク →

Kimsuky

Score: 0.56

Matched TTPs:

T1622 - Debugger Evasion
T1059.010 - AutoHotKey & AutoIT
T1555.003 - Credentials from Web Browsers
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1008 - Fallback Channels
T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption

MITREへのリンク →

FIN8

Score: 0.56

Matched TTPs:

T1622 - Debugger Evasion
T1556 - Modify Authentication Process
T1099 - Timestomp
T1612 - Build Image on Host
T1027.017 - SVG Smuggling
T1556.005 - Reversible Encryption

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

TABMSGSQL (FAMILY)

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ