Trusted Design

FBI Cyberwatch A-000067-DM

概要

The FBI has obtained and validated information regarding a group of malicious cyber actors who have compromised and stolen sensitive information from various government and commercial networks. This group utilized the domains listed herein in furtherance of computer network exploitation (CNE) activities in the United States and abroad since at least 2011. Research and analysis indicate that these domains were associated with the command and control (C2) of customized malicious software. Furthermore, these domains have also been used to host malicious files – often through embedded links in spear phish emails. Any activity related to these domains detected on a network should be considered an indication of a compromise requiring mitigation and contact with law enforcement.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 80.66
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1596 - Search Open Technical Databases
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
  • T1588.005 - Exploits
  • T1584.001 - Domains
MITREへのリンク →

Sea Turtle

Score: 14.31
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1584.002 - DNS Server
MITREへのリンク →

Ember Bear

Score: 25.48
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1114 - Email Collection
  • T1036 - Masquerading
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
  • T1588.005 - Exploits
MITREへのリンク →

Indrik Spider

Score: 16.38
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1590 - Gather Victim Network Information
  • T1078.002 - Domain Accounts
  • T1584.004 - Server
MITREへのリンク →

Agrius

Score: 7.51
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1036 - Masquerading
  • T1078.002 - Domain Accounts
MITREへのリンク →

Contagious Interview

Score: 45.63
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1593.001 - Social Media
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Sandworm Team

Score: 65.33
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1584.004 - Server
  • T1590.001 - Domain Properties
  • T1204.001 - Malicious Link
MITREへのリンク →

Star Blizzard

Score: 25.49
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1589 - Gather Victim Identity Information
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
MITREへのリンク →

Volt Typhoon

Score: 55.87
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices
  • T1594 - Search Victim-Owned Websites
  • T1590.004 - Network Topology
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1590.006 - Network Security Appliances
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
  • T1591.004 - Identify Roles
  • T1584.004 - Server
  • T1596.005 - Scan Databases
  • T1680 - Local Storage Discovery
MITREへのリンク →

LAPSUS$

Score: 36.81
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1584.002 - DNS Server
  • T1591.004 - Identify Roles
MITREへのリンク →

Scattered Spider

Score: 29.74
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1114 - Email Collection
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1598 - Phishing for Information
MITREへのリンク →

FIN4

Score: 7.81
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
MITREへのリンク →

Andariel

Score: 11.82
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.001 - Spearphishing Attachment
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Magic Hound

Score: 55.22
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1114 - Email Collection
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1583.001 - Domains
  • T1589 - Gather Victim Identity Information
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1591.001 - Determine Physical Locations
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1584.001 - Domains
MITREへのリンク →

HAFNIUM

Score: 24.23
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1583.005 - Botnet
  • T1589.002 - Email Addresses
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
MITREへのリンク →

APT41

Score: 18.01
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1596.005 - Scan Databases
  • T1569.002 - Service Execution
MITREへのリンク →

TA551

Score: 12.46
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
  • T1218.010 - Regsvr32
MITREへのリンク →

APT28

Score: 54.98
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1586.002 - Email Accounts
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

ZIRCONIUM

Score: 20.44
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link
MITREへのリンク →

Leviathan

Score: 36.96
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1218.010 - Regsvr32
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
MITREへのリンク →

Mustard Tempest

Score: 18.91
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
MITREへのリンク →

Silent Librarian

Score: 16.54
Matched TTPs:
  • T1114 - Email Collection
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1588.002 - Tool
MITREへのリンク →

EXOTIC LILY

Score: 27.67
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

TA578

Score: 6.66
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN13

Score: 14.43
Matched TTPs:
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1657 - Financial Theft
  • T1588.002 - Tool
MITREへのリンク →

Moonstone Sleet

Score: 25.37
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Lazarus Group

Score: 42.34
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1070 - Indicator Removal
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1027.007 - Dynamic API Resolution
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

OilRig

Score: 24.42
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 13.91
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1681 - Search Threat Vendor Data
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LuminousMoth

Score: 7.72
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 9.82
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1588.002 - Tool
MITREへのリンク →

APT29

Score: 24.40
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1090.004 - Domain Fronting
  • T1562.008 - Disable or Modify Cloud Logs
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Play

Score: 9.65
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
MITREへのリンク →

Aoqin Dragon

Score: 6.62
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RedCurl

Score: 8.81
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1039 - Data from Network Shared Drive
  • T1204.001 - Malicious Link
MITREへのリンク →

Turla

Score: 23.43
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1027.005 - Indicator Removal from Tools
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Ke3chang

Score: 9.19
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

Mustang Panda

Score: 36.61
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1070 - Indicator Removal
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link
MITREへのリンク →

TeamTNT

Score: 16.64
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1518.001 - Security Software Discovery
  • T1595.001 - Scanning IP Blocks
  • T1680 - Local Storage Discovery
MITREへのリンク →

FIN7

Score: 31.12
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1674 - Input Injection
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

BlackTech

Score: 6.02
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

MuddyWater

Score: 15.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

Confucius

Score: 10.02
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
MITREへのリンク →

Mofang

Score: 6.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
MITREへのリンク →

Sidewinder

Score: 13.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

Elderwood

Score: 6.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Machete

Score: 5.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Transparent Tribe

Score: 11.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
MITREへのリンク →

FIN8

Score: 6.43
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

APT32

Score: 28.53
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

APT3

Score: 13.36
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1204.001 - Malicious Link
MITREへのリンク →

APT1

Score: 10.26
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1588.002 - Tool
  • T1584.001 - Domains
MITREへのリンク →

APT33

Score: 13.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Molerats

Score: 6.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
MITREへのリンク →

Windshift

Score: 16.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1036.001 - Invalid Code Signature
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Cobalt Group

Score: 10.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

TA2541

Score: 15.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
MITREへのリンク →

Earth Lusca

Score: 20.13
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Storm-1811

Score: 16.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1036.010 - Masquerade Account Name
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Wizard Spider

Score: 20.28
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1552.006 - Group Policy Preferences
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

TA577

Score: 5.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Patchwork

Score: 18.13
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
MITREへのリンク →

TA505

Score: 10.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

LazyScripter

Score: 11.37
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

APT42

Score: 13.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1070 - Indicator Removal
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
MITREへのリンク →

APT39

Score: 9.33
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

CURIUM

Score: 15.05
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 25.63
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

Saint Bear

Score: 10.24
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Tropic Trooper

Score: 7.10
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1680 - Local Storage Discovery
MITREへのリンク →

FIN6

Score: 6.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

BRONZE BUTLER

Score: 10.20
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

WIRTE

Score: 4.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
MITREへのリンク →

menuPass

Score: 11.21
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

Threat Group-3390

Score: 18.50
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1608.002 - Upload Tool
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1027.015 - Compression
MITREへのリンク →

Gamaredon Group

Score: 31.07
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1001 - Data Obfuscation
  • T1039 - Data from Network Shared Drive
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
MITREへのリンク →

Darkhotel

Score: 6.03
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
MITREへのリンク →

BITTER

Score: 6.71
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Inception

Score: 5.96
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Winter Vivern

Score: 11.33
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Higaisa

Score: 8.35
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1680 - Local Storage Discovery
  • T1027.015 - Compression
MITREへのリンク →

Naikon

Score: 5.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
MITREへのリンク →

APT12

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT19

Score: 6.24
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise
MITREへのリンク →

Ferocious Kitten

Score: 3.24
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1588.002 - Tool
MITREへのリンク →

Malteiro

Score: 5.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
MITREへのリンク →

SideCopy

Score: 11.65
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518.001 - Security Software Discovery
  • T1584.001 - Domains
MITREへのリンク →

Nomadic Octopus

Score: 3.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
MITREへのリンク →

Tonto Team

Score: 5.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT37

Score: 10.66
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036.001 - Invalid Code Signature
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Silence

Score: 4.12
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

IndigoZebra

Score: 7.92
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1588.002 - Tool
MITREへのリンク →

APT38

Score: 10.66
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
MITREへのリンク →

The White Company

Score: 4.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
MITREへのリンク →

PLATINUM

Score: 4.83
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT5

Score: 9.75
Matched TTPs:
  • T1583.005 - Botnet
  • T1070 - Indicator Removal
  • T1078.002 - Domain Accounts
MITREへのリンク →

Velvet Ant

Score: 9.56
Matched TTPs:
  • T1040 - Network Sniffing
  • T1569.002 - Service Execution
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

DarkVishnya

Score: 3.88
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool
MITREへのリンク →

HEXANE

Score: 24.39
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1589 - Gather Victim Identity Information
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
MITREへのリンク →

BlackByte

Score: 12.40
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1491.001 - Internal Defacement
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection
MITREへのリンク →

Medusa Group

Score: 20.64
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1569.002 - Service Execution
  • T1218.014 - MMC
MITREへのリンク →

Axiom

Score: 14.70
Matched TTPs:
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography
MITREへのリンク →

INC Ransom

Score: 9.06
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1569.002 - Service Execution
MITREへのリンク →

Cinnamon Tempest

Score: 5.66
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
MITREへのリンク →

Storm-0501

Score: 7.17
Matched TTPs:
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
  • T1518.001 - Security Software Discovery
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
MITREへのリンク →

POLONIUM

Score: 5.26
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Fox Kitten

Score: 5.78
Matched TTPs:
  • T1210 - Exploitation of Remote Services
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

GALLIUM

Score: 4.00
Matched TTPs:
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
MITREへのリンク →

Aquatic Panda

Score: 5.03
Matched TTPs:
  • T1588.002 - Tool
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
MITREへのリンク →

Chimera

Score: 14.84
Matched TTPs:
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1589.001 - Credentials
  • T1078.002 - Domain Accounts
  • T1569.002 - Service Execution
  • T1680 - Local Storage Discovery
MITREへのリンク →

Blue Mockingbird

Score: 5.99
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1569.002 - Service Execution
MITREへのリンク →

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1566 - Phishing
MITREへのリンク →

Sowbug

Score: 3.03
Matched TTPs:
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

Deep Panda

Score: 5.90
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools
  • T1218.010 - Regsvr32
MITREへのリンク →

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

ToddyCat

Score: 9.54
Matched TTPs:
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Daggerfly

Score: 5.96
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.82
Matched TTPs:
  • T1583.006 - Web Services
  • T1218.010 - Regsvr32
  • T1585.002 - Email Accounts
  • T1588.005 - Exploits
  • T1657 - Financial Theft
  • T1593 - Search Open Websites/Domains
  • T1102.002 - Bidirectional Communication
  • T1680 - Local Storage Discovery
  • T1593.001 - Social Media
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1583 - Acquire Infrastructure
  • T1566 - Phishing
  • T1040 - Network Sniffing
  • T1598 - Phishing for Information
  • T1583.001 - Domains
  • T1593.002 - Search Engines
  • T1586.002 - Email Accounts
  • T1591 - Gather Victim Org Information
  • T1587.001 - Malware
  • T1518.001 - Security Software Discovery
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
  • T1566.002 - Spearphishing Link
  • T1596 - Search Open Technical Databases
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1594 - Search Victim-Owned Websites
  • T1566.001 - Spearphishing Attachment
MITREへのリンク →

Sandworm Team

Score: 0.71
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1078.002 - Domain Accounts
  • T1585.002 - Email Accounts
  • T1586.001 - Social Media Accounts
  • T1593 - Search Open Websites/Domains
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1584.005 - Botnet
  • T1583 - Acquire Infrastructure
  • T1040 - Network Sniffing
  • T1491.002 - External Defacement
  • T1583.001 - Domains
  • T1590.001 - Domain Properties
  • T1036 - Masquerading
  • T1587.001 - Malware
  • T1204.001 - Malicious Link
  • T1566.002 - Spearphishing Link
  • T1592.002 - Software
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1589.002 - Email Addresses
  • T1594 - Search Victim-Owned Websites
  • T1566.001 - Spearphishing Attachment
MITREへのリンク →

APT28

Score: 0.62
Matched TTPs:
  • T1583.006 - Web Services
  • T1211 - Exploitation for Defense Evasion
  • T1102.002 - Bidirectional Communication
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1598 - Phishing for Information
  • T1040 - Network Sniffing
  • T1189 - Drive-by Compromise
  • T1583.001 - Domains
  • T1586.002 - Email Accounts
  • T1036 - Masquerading
  • T1591 - Gather Victim Org Information
  • T1589.001 - Credentials
  • T1210 - Exploitation of Remote Services
  • T1584.008 - Network Devices
  • T1669 - Wi-Fi Networks
  • T1039 - Data from Network Shared Drive
  • T1204.001 - Malicious Link
  • T1596 - Search Open Technical Databases
  • T1203 - Exploitation for Client Execution
  • T1566.001 - Spearphishing Attachment
MITREへのリンク →

Magic Hound

Score: 0.60
Matched TTPs:
  • T1583.006 - Web Services
  • T1078.002 - Domain Accounts
  • T1585.002 - Email Accounts
  • T1102.002 - Bidirectional Communication
  • T1566.003 - Spearphishing via Service
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1583.001 - Domains
  • T1586.002 - Email Accounts
  • T1036.010 - Masquerade Account Name
  • T1589.001 - Credentials
  • T1591.001 - Determine Physical Locations
  • T1114 - Email Collection
  • T1590.005 - IP Addresses
  • T1589 - Gather Victim Identity Information
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
  • T1566.002 - Spearphishing Link
  • T1592.002 - Software
  • T1589.002 - Email Addresses
MITREへのリンク →

Volt Typhoon

Score: 0.58
Matched TTPs:
  • T1596.005 - Scan Databases
  • T1591.004 - Identify Roles
  • T1593 - Search Open Websites/Domains
  • T1591 - Gather Victim Org Information
  • T1680 - Local Storage Discovery
  • T1584.004 - Server
  • T1590.004 - Network Topology
  • T1588.002 - Tool
  • T1592 - Gather Victim Host Information
  • T1590.006 - Network Security Appliances
  • T1590 - Gather Victim Network Information
  • T1589.002 - Email Addresses
  • T1584.005 - Botnet
  • T1584.008 - Network Devices
  • T1078.002 - Domain Accounts
  • T1594 - Search Victim-Owned Websites
  • T1589 - Gather Victim Identity Information
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る