Trusted Design

BOUNCER (FAMILY)

概要

BOUNCER will load an extracted DLL into memory, and then will call the DLL's dump export. The dump export is called with the parameters passed via the command line to the BOUNCER executable. It requires at least two arguments, the IP and port to send the password dump information. It can accept at most five arguments, including a proxy IP, port and an x.509 key for SSL authentication. The DLL backdoor has the capability to execute arbitrary commands, collect database and server information, brute force SQL login credentials, launch arbitrary programs, create processes and threads, delete files, and redirect network traffic.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

SHELLDC.DLL (BACKDOOR) (score: 0.52)
WEBC2-BOLID (FAMILY) (score: 0.50)
HACKSFASE (FAMILY) (score: 0.49)
WEBC2-CLOVER (FAMILY) (score: 0.49)
WEBC2-CSON (FAMILY) (score: 0.48)

このPulseに関連する脅威アクター (事実ベース)

Windshift

Score: 5.23

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

Volt Typhoon

Score: 6.50

Matched TTPs:

T1583.006 - Web Services
T1537 - Transfer Data to Cloud Account
T1569.002 - Service Execution

MITREへのリンク →

Tropic Trooper

Score: 8.30

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 5.37

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1490 - Inhibit System Recovery

MITREへのリンク →

Play

Score: 4.18

Matched TTPs:

T1583.006 - Web Services
T1490 - Inhibit System Recovery

MITREへのリンク →

Stealth Falcon

Score: 6.33

Matched TTPs:

T1583.006 - Web Services
T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption

MITREへのリンク →

TeamTNT

Score: 4.76

Matched TTPs:

T1583.006 - Web Services
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption

MITREへのリンク →

APT28

Score: 9.77

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1556.005 - Reversible Encryption
T1546.007 - Netsh Helper DLL

MITREへのリンク →

Lazarus Group

Score: 13.83

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities
T1547.008 - LSASS Driver
T1569.002 - Service Execution
T1556 - Modify Authentication Process

MITREへのリンク →

Storm-0501

Score: 9.38

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1537 - Transfer Data to Cloud Account
T1204.001 - Malicious Link

MITREへのリンク →

Molerats

Score: 4.67

Matched TTPs:

T1583.006 - Web Services
T1546.017 - Udev Rules

MITREへのリンク →

Medusa Group

Score: 12.58

Matched TTPs:

T1583.006 - Web Services
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1204.001 - Malicious Link
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Mustang Panda

Score: 5.45

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

ToddyCat

Score: 4.04

Matched TTPs:

T1583.006 - Web Services
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 4.18

Matched TTPs:

T1583.006 - Web Services
T1490 - Inhibit System Recovery

MITREへのリンク →

Turla

Score: 17.37

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities
T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

Rocke

Score: 4.76

Matched TTPs:

T1583.006 - Web Services
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption

MITREへのリンク →

Magic Hound

Score: 5.23

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

Kimsuky

Score: 10.58

Matched TTPs:

T1583.006 - Web Services
T1001 - Data Obfuscation
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1490 - Inhibit System Recovery

MITREへのリンク →

Higaisa

Score: 8.79

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1569.002 - Service Execution
T1546.017 - Udev Rules

MITREへのリンク →

HEXANE

Score: 4.04

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket

MITREへのリンク →

OilRig

Score: 14.12

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

APT3

Score: 3.57

Matched TTPs:

T1583.006 - Web Services
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Gamaredon Group

Score: 5.86

Matched TTPs:

T1583.006 - Web Services
T1556.005 - Reversible Encryption
T1546.017 - Udev Rules

MITREへのリンク →

APT38

Score: 11.82

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1059.005 - Visual Basic

MITREへのリンク →

APT41

Score: 5.76

Matched TTPs:

T1097 - Pass the Ticket
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption

MITREへのリンク →

APT39

Score: 8.69

Matched TTPs:

T1097 - Pass the Ticket
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1569.002 - Service Execution

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Threat Group-3390

Score: 9.54

Matched TTPs:

T1001 - Data Obfuscation
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1546.017 - Udev Rules

MITREへのリンク →

Patchwork

Score: 5.20

Matched TTPs:

T1001 - Data Obfuscation
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

BlackByte

Score: 7.62

Matched TTPs:

T1001 - Data Obfuscation
T1556.005 - Reversible Encryption
T1204.001 - Malicious Link

MITREへのリンク →

TA2541

Score: 8.36

Matched TTPs:

T1001 - Data Obfuscation
T1537 - Transfer Data to Cloud Account
T1546.017 - Udev Rules

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Wizard Spider

Score: 13.77

Matched TTPs:

T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities
T1204.001 - Malicious Link
T1556 - Modify Authentication Process

MITREへのリンク →

APT29

Score: 11.78

Matched TTPs:

T1555.004 - Windows Credential Manager
T1537 - Transfer Data to Cloud Account
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

Dark Caracal

Score: 5.76

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

TA505

Score: 6.17

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities

MITREへのリンク →

Moonstone Sleet

Score: 3.71

Matched TTPs:

T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

APT32

Score: 6.60

Matched TTPs:

T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN13

Score: 8.65

Matched TTPs:

T1556.005 - Reversible Encryption
T1686.001 - Cloud Firewall
T1569.002 - Service Execution

MITREへのリンク →

FIN8

Score: 3.93

Matched TTPs:

T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

APT33

Score: 3.93

Matched TTPs:

T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

Sea Turtle

Score: 3.85

Matched TTPs:

T1556.005 - Reversible Encryption
T1490 - Inhibit System Recovery

MITREへのリンク →

Sandworm Team

Score: 4.47

Matched TTPs:

T1556.005 - Reversible Encryption
T1204.001 - Malicious Link

MITREへのリンク →

Indrik Spider

Score: 3.84

Matched TTPs:

T1498 - Network Denial of Service

MITREへのリンク →

Scattered Spider

Score: 7.13

Matched TTPs:

T1498 - Network Denial of Service
T1204.001 - Malicious Link

MITREへのリンク →

Salt Typhoon

Score: 6.59

Matched TTPs:

T1498 - Network Denial of Service
T1556 - Modify Authentication Process

MITREへのリンク →

Contagious Interview

Score: 9.81

Matched TTPs:

T1651 - Cloud Administration Command
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

Leviathan

Score: 6.08

Matched TTPs:

T1587 - Develop Capabilities
T1546.017 - Udev Rules

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1686 - Disable or Modify System Firewall

MITREへのリンク →

FIN6

Score: 5.27

Matched TTPs:

T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Velvet Ant

Score: 5.59

Matched TTPs:

T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Blue Mockingbird

Score: 4.54

Matched TTPs:

T1001.001 - Junk Data

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Turla

Score: 0.75

Matched TTPs:

T1583.006 - Web Services
T1097 - Pass the Ticket
T1490 - Inhibit System Recovery
T1556.009 - Conditional Access Policies
T1569.002 - Service Execution
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities

MITREへのリンク →

Lazarus Group

Score: 0.60

Matched TTPs:

T1583.006 - Web Services
T1556 - Modify Authentication Process
T1547.008 - LSASS Driver
T1569.002 - Service Execution
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities

MITREへのリンク →

Wizard Spider

Score: 0.59

Matched TTPs:

T1556 - Modify Authentication Process
T1204.001 - Malicious Link
T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption
T1587 - Develop Capabilities

MITREへのリンク →

OilRig

Score: 0.58

Matched TTPs:

T1583.006 - Web Services
T1556 - Modify Authentication Process
T1547.008 - LSASS Driver
T1097 - Pass the Ticket
T1556.009 - Conditional Access Policies
T1556.005 - Reversible Encryption

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る