Trusted Design

BEDEP LURKING IN ANGLER'S SHADOWS

概要

In October 2015, Talos released our detailed investigation of the Angler Exploit Kit which outlined the infrastructure and monetary impact of an exploit kit campaign delivering ransomware. During the investigation we found that two thirds of Angler's payloads were some variation of ransomware and noted one of the other major payloads was Bedep. Bedep is a malware downloader that is exclusive to Angler. This post will discuss the Bedep side of Angler and draw some pretty clear connections between Angler and Bedep.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

ANGLER EK PUSHES BEDEP AND NECURS (score: 0.77)
Ongoing Angler Exploit Kit and Bedep Fraud Campaign (score: 0.73)
CryptXXX: New Ransomware From the Actors Behind Reveton (score: 0.71)
ISC 2016-04-23: Angler Exploit Kit, Bedep, and CryptXXX (score: 0.70)
Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense (score: 0.70)

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 6.99

Matched TTPs:

T1608.005 - Link Target
T1199 - Trusted Relationship
T1055.005 - Thread Local Storage

MITREへのリンク →

Lazarus Group

Score: 6.99

Matched TTPs:

T1608.005 - Link Target
T1199 - Trusted Relationship
T1055.005 - Thread Local Storage

MITREへのリンク →

Kimsuky

Score: 10.28

Matched TTPs:

T1608.005 - Link Target
T1199 - Trusted Relationship
T1003.003 - NTDS
T1008 - Fallback Channels

MITREへのリンク →

BRONZE BUTLER

Score: 4.13

Matched TTPs:

T1199 - Trusted Relationship
T1008 - Fallback Channels

MITREへのリンク →

APT41

Score: 4.13

Matched TTPs:

T1199 - Trusted Relationship
T1008 - Fallback Channels

MITREへのリンク →

Patchwork

Score: 4.13

Matched TTPs:

T1199 - Trusted Relationship
T1008 - Fallback Channels

MITREへのリンク →

FIN13

Score: 5.39

Matched TTPs:

T1199 - Trusted Relationship
T1053.006 - Systemd Timers

MITREへのリンク →

APT38

Score: 5.39

Matched TTPs:

T1199 - Trusted Relationship
T1059.005 - Visual Basic

MITREへのリンク →

Ember Bear

Score: 4.13

Matched TTPs:

T1003.003 - NTDS

MITREへのリンク →

Rocke

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1003.003 - NTDS
T1199 - Trusted Relationship
T1608.005 - Link Target
T1008 - Fallback Channels

MITREへのリンク →

Lazarus Group

Score: 0.58

Matched TTPs:

T1199 - Trusted Relationship
T1608.005 - Link Target
T1055.005 - Thread Local Storage

MITREへのリンク →

Mustang Panda

Score: 0.56

Matched TTPs:

T1199 - Trusted Relationship
T1608.005 - Link Target
T1055.005 - Thread Local Storage

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る