Trusted Design

BOUNCER (FAMILY)

概要

BOUNCER will load an extracted DLL into memory, and then will call the DLL's dump export. The dump export is called with the parameters passed via the command line to the BOUNCER executable. It requires at least two arguments, the IP and port to send the password dump information. It can accept at most five arguments, including a proxy IP, port and an x.509 key for SSL authentication. The DLL backdoor has the capability to execute arbitrary commands, collect database and server information, brute force SQL login credentials, launch arbitrary programs, create processes and threads, delete files, and redirect network traffic.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

SHELLDC.DLL (BACKDOOR) (score: 0.52)
WEBC2-BOLID (FAMILY) (score: 0.50)
HACKSFASE (FAMILY) (score: 0.49)
WEBC2-CLOVER (FAMILY) (score: 0.49)
WEBC2-CSON (FAMILY) (score: 0.48)

このPulseに関連する脅威アクター (事実ベース)

Windshift

Score: 5.23

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

Volt Typhoon

Score: 6.50

Matched TTPs:

T1057 - Process Discovery
T1027.002 - Software Packing
T1090.001 - Internal Proxy

MITREへのリンク →

Tropic Trooper

Score: 8.30

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection
T1078.003 - Local Accounts

MITREへのリンク →

HAFNIUM

Score: 5.37

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1078.003 - Local Accounts

MITREへのリンク →

Play

Score: 4.18

Matched TTPs:

T1057 - Process Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Stealth Falcon

Score: 6.33

Matched TTPs:

T1057 - Process Discovery
T1555.004 - Windows Credential Manager
T1071.001 - Web Protocols

MITREへのリンク →

TeamTNT

Score: 4.76

Matched TTPs:

T1057 - Process Discovery
T1027.002 - Software Packing
T1071.001 - Web Protocols

MITREへのリンク →

APT28

Score: 9.77

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force
T1071.001 - Web Protocols
T1669 - Wi-Fi Networks

MITREへのリンク →

Lazarus Group

Score: 13.83

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection
T1566.003 - Spearphishing via Service
T1090.001 - Internal Proxy
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Storm-0501

Score: 9.38

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force
T1027.002 - Software Packing
T1490 - Inhibit System Recovery

MITREへのリンク →

Molerats

Score: 4.67

Matched TTPs:

T1057 - Process Discovery
T1027.015 - Compression

MITREへのリンク →

Medusa Group

Score: 12.58

Matched TTPs:

T1057 - Process Discovery
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1490 - Inhibit System Recovery
T1218.014 - MMC

MITREへのリンク →

Mustang Panda

Score: 5.45

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

ToddyCat

Score: 4.04

Matched TTPs:

T1057 - Process Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN7

Score: 4.18

Matched TTPs:

T1057 - Process Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Turla

Score: 17.37

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force
T1555.004 - Windows Credential Manager
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection
T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

Rocke

Score: 4.76

Matched TTPs:

T1057 - Process Discovery
T1027.002 - Software Packing
T1071.001 - Web Protocols

MITREへのリンク →

Magic Hound

Score: 5.23

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 10.58

Matched TTPs:

T1057 - Process Discovery
T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1078.003 - Local Accounts

MITREへのリンク →

Higaisa

Score: 8.79

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1090.001 - Internal Proxy
T1027.015 - Compression

MITREへのリンク →

HEXANE

Score: 4.04

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force

MITREへのリンク →

OilRig

Score: 14.12

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force
T1555.004 - Windows Credential Manager
T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT3

Score: 3.57

Matched TTPs:

T1057 - Process Discovery
T1027.002 - Software Packing

MITREへのリンク →

Gamaredon Group

Score: 5.86

Matched TTPs:

T1057 - Process Discovery
T1071.001 - Web Protocols
T1027.015 - Compression

MITREへのリンク →

APT38

Score: 11.82

Matched TTPs:

T1057 - Process Discovery
T1110 - Brute Force
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1036.006 - Space after Filename

MITREへのリンク →

APT41

Score: 5.76

Matched TTPs:

T1110 - Brute Force
T1027.002 - Software Packing
T1071.001 - Web Protocols

MITREへのリンク →

APT39

Score: 8.69

Matched TTPs:

T1110 - Brute Force
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1090.001 - Internal Proxy

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Threat Group-3390

Score: 9.54

Matched TTPs:

T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1027.015 - Compression

MITREへのリンク →

Patchwork

Score: 5.20

Matched TTPs:

T1055.012 - Process Hollowing
T1027.002 - Software Packing

MITREへのリンク →

BlackByte

Score: 7.62

Matched TTPs:

T1055.012 - Process Hollowing
T1071.001 - Web Protocols
T1490 - Inhibit System Recovery

MITREへのリンク →

TA2541

Score: 8.36

Matched TTPs:

T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Wizard Spider

Score: 13.77

Matched TTPs:

T1555.004 - Windows Credential Manager
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection
T1490 - Inhibit System Recovery
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT29

Score: 11.78

Matched TTPs:

T1651 - Cloud Administration Command
T1027.002 - Software Packing
T1566.003 - Spearphishing via Service
T1078.003 - Local Accounts

MITREへのリンク →

Dark Caracal

Score: 5.76

Matched TTPs:

T1027.002 - Software Packing
T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA505

Score: 6.17

Matched TTPs:

T1027.002 - Software Packing
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Moonstone Sleet

Score: 3.71

Matched TTPs:

T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT32

Score: 6.60

Matched TTPs:

T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1078.003 - Local Accounts

MITREへのリンク →

FIN13

Score: 8.65

Matched TTPs:

T1071.001 - Web Protocols
T1556 - Modify Authentication Process
T1090.001 - Internal Proxy

MITREへのリンク →

FIN8

Score: 3.93

Matched TTPs:

T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT33

Score: 3.93

Matched TTPs:

T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Sea Turtle

Score: 3.85

Matched TTPs:

T1071.001 - Web Protocols
T1078.003 - Local Accounts

MITREへのリンク →

Sandworm Team

Score: 4.47

Matched TTPs:

T1071.001 - Web Protocols
T1490 - Inhibit System Recovery

MITREへのリンク →

Indrik Spider

Score: 3.84

Matched TTPs:

T1136 - Create Account

MITREへのリンク →

Scattered Spider

Score: 7.13

Matched TTPs:

T1136 - Create Account
T1490 - Inhibit System Recovery

MITREへのリンク →

Salt Typhoon

Score: 6.59

Matched TTPs:

T1136 - Create Account
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Contagious Interview

Score: 9.81

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

Leviathan

Score: 6.08

Matched TTPs:

T1055.001 - Dynamic-link Library Injection
T1027.015 - Compression

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1056.004 - Credential API Hooking

MITREへのリンク →

FIN6

Score: 5.27

Matched TTPs:

T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Velvet Ant

Score: 5.59

Matched TTPs:

T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Blue Mockingbird

Score: 4.54

Matched TTPs:

T1574.012 - COR_PROFILER

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Turla

Score: 0.75

Matched TTPs:

T1090.001 - Internal Proxy
T1555.004 - Windows Credential Manager
T1057 - Process Discovery
T1078.003 - Local Accounts
T1110 - Brute Force
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Lazarus Group

Score: 0.60

Matched TTPs:

T1090.001 - Internal Proxy
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1057 - Process Discovery
T1566.003 - Spearphishing via Service
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Wizard Spider

Score: 0.59

Matched TTPs:

T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1555.004 - Windows Credential Manager
T1490 - Inhibit System Recovery
T1071.001 - Web Protocols
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

OilRig

Score: 0.58

Matched TTPs:

T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1555.004 - Windows Credential Manager
T1057 - Process Discovery
T1566.003 - Spearphishing via Service
T1071.001 - Web Protocols
T1110 - Brute Force

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る