Trusted Design

WordPress Compromise Campaign

概要

Security company Sucuri recently noted a spike in WordPress infections, with a large number of sites getting injected with the same malicious scripts. Hacked websites are often used to host spam or perform malicious redirections to exploit kits and this case is no different. What makes it interesting is the volume and singularities that tie it to the same campaign. WordPress sites are injected with huge blurbs of rogue code that performs a silent redirection to domains appearing to be hosting ads. This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 50.34
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1683.001 - Written Content
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1055.014 - VDSO Hijacking
  • T1102.003 - One-Way Communication
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1547.002 - Authentication Package
  • T1197 - BITS Jobs
  • T1665 - Hide Infrastructure
  • T1003.003 - NTDS
  • T1053.002 - At
MITREへのリンク →

Sea Turtle

Score: 9.33
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1098.007 - Additional Local or Domain Groups
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
MITREへのリンク →

Ember Bear

Score: 21.28
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1005 - Data from Local System
  • T1558 - Steal or Forge Kerberos Tickets
  • T1136.002 - Domain Account
  • T1218.010 - Regsvr32
  • T1003.003 - NTDS
MITREへのリンク →

Indrik Spider

Score: 7.96
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1606.002 - SAML Tokens
  • T1546.016 - Installer Packages
MITREへのリンク →

Agrius

Score: 5.22
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1558 - Steal or Forge Kerberos Tickets
MITREへのリンク →

Contagious Interview

Score: 25.69
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1221 - Template Injection
  • T1547.008 - LSASS Driver
MITREへのリンク →

Sandworm Team

Score: 44.30
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1606.002 - SAML Tokens
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication
  • T1187 - Forced Authentication
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1546.016 - Installer Packages
MITREへのリンク →

Star Blizzard

Score: 12.27
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1102.003 - One-Way Communication
MITREへのリンク →

APT41

Score: 12.22
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1684 - Social Engineering
  • T1218.010 - Regsvr32
  • T1002 - Data Compressed
MITREへのリンク →

TA551

Score: 6.32
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1558 - Steal or Forge Kerberos Tickets
MITREへのリンク →

Volt Typhoon

Score: 20.33
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1176 - Software Extensions
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication
  • T1546.016 - Installer Packages
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT28

Score: 28.46
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1608.005 - Link Target
  • T1592.003 - Firmware
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1197 - BITS Jobs
  • T1059.012 - Hypervisor CLI
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

ZIRCONIUM

Score: 19.08
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1197 - BITS Jobs
MITREへのリンク →

Leviathan

Score: 28.00
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1592.003 - Firmware
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
MITREへのリンク →

Mustard Tempest

Score: 20.58
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI
  • T1543.002 - Systemd Service
  • T1053.002 - At
MITREへのリンク →

FIN13

Score: 6.81
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1552.003 - Shell History
MITREへのリンク →

Moonstone Sleet

Score: 14.01
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1197 - BITS Jobs
  • T1547.008 - LSASS Driver
MITREへのリンク →

Lazarus Group

Score: 24.76
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1606.001 - Web Cookies
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
  • T1665 - Hide Infrastructure
  • T1547.008 - LSASS Driver
MITREへのリンク →

OilRig

Score: 17.08
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.010 - Regsvr32
  • T1547.008 - LSASS Driver
MITREへのリンク →

UNC3886

Score: 6.05
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1136.002 - Domain Account
  • T1218.010 - Regsvr32
MITREへのリンク →

LuminousMoth

Score: 11.01
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
MITREへのリンク →

APT29

Score: 14.11
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1218.009 - Regsvcs/Regasm
  • T1547.008 - LSASS Driver
MITREへのリンク →

Play

Score: 4.62
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
MITREへのリンク →

Aoqin Dragon

Score: 5.78
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.010 - Regsvr32
MITREへのリンク →

RedCurl

Score: 3.54
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
MITREへのリンク →

Turla

Score: 25.22
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1176 - Software Extensions
  • T1684 - Social Engineering
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
MITREへのリンク →

Mustang Panda

Score: 20.82
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1569.001 - Launchctl
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1218.010 - Regsvr32
MITREへのリンク →

TeamTNT

Score: 10.61
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1665 - Hide Infrastructure
MITREへのリンク →

FIN7

Score: 19.02
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1011.001 - Exfiltration Over Bluetooth
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
MITREへのリンク →

MuddyWater

Score: 7.35
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
MITREへのリンク →

Confucius

Score: 7.79
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
MITREへのリンク →

Sidewinder

Score: 5.40
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1218.010 - Regsvr32
MITREへのリンク →

Elderwood

Score: 4.71
Matched TTPs:
  • T1543.003 - Windows Service
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Machete

Score: 3.21
Matched TTPs:
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Transparent Tribe

Score: 12.54
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1053.002 - At
MITREへのリンク →

APT32

Score: 20.35
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1684 - Social Engineering
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

APT1

Score: 8.71
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
  • T1053.002 - At
MITREへのリンク →

EXOTIC LILY

Score: 8.95
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
  • T1547.008 - LSASS Driver
MITREへのリンク →

Magic Hound

Score: 24.69
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1187 - Forced Authentication
  • T1592.003 - Firmware
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
  • T1053.002 - At
MITREへのリンク →

Windshift

Score: 7.92
Matched TTPs:
  • T1543.003 - Windows Service
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Cobalt Group

Score: 5.40
Matched TTPs:
  • T1543.003 - Windows Service
  • T1684 - Social Engineering
  • T1218.010 - Regsvr32
MITREへのリンク →

TA2541

Score: 11.87
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
MITREへのリンク →

Earth Lusca

Score: 17.63
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
MITREへのリンク →

Storm-1811

Score: 7.67
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1547.008 - LSASS Driver
MITREへのリンク →

Wizard Spider

Score: 3.91
Matched TTPs:
  • T1543.003 - Windows Service
  • T1684 - Social Engineering
MITREへのリンク →

Patchwork

Score: 10.00
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1665 - Hide Infrastructure
MITREへのリンク →

TA505

Score: 7.40
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
MITREへのリンク →

LazyScripter

Score: 11.59
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
MITREへのリンク →

APT42

Score: 4.94
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
MITREへのリンク →

APT39

Score: 3.84
Matched TTPs:
  • T1543.003 - Windows Service
  • T1547.002 - Authentication Package
MITREへのリンク →

Scattered Spider

Score: 16.53
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
  • T1552.003 - Shell History
  • T1619 - Cloud Storage Object Discovery
  • T1197 - BITS Jobs
MITREへのリンク →

Silent Librarian

Score: 3.98
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
MITREへのリンク →

CURIUM

Score: 14.92
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Dragonfly

Score: 13.10
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
MITREへのリンク →

Threat Group-3390

Score: 13.92
Matched TTPs:
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1218.003 - CMSTP
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Gamaredon Group

Score: 26.50
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1608.005 - Link Target
  • T1606.001 - Web Cookies
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1061 - Graphical User Interface
  • T1547.002 - Authentication Package
MITREへのリンク →

SideCopy

Score: 5.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1053.002 - At
MITREへのリンク →

BlackByte

Score: 8.28
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1684 - Social Engineering
  • T1606.001 - Web Cookies
MITREへのリンク →

BITTER

Score: 4.98
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
MITREへのリンク →

HEXANE

Score: 9.51
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1055.014 - VDSO Hijacking
  • T1547.002 - Authentication Package
MITREへのリンク →

Saint Bear

Score: 5.48
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
MITREへのリンク →

IndigoZebra

Score: 3.53
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
MITREへのリンク →

APT38

Score: 5.74
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Winter Vivern

Score: 13.63
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
  • T1548 - Abuse Elevation Control Mechanism
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

menuPass

Score: 3.70
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1558 - Steal or Forge Kerberos Tickets
MITREへのリンク →

BRONZE BUTLER

Score: 5.45
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

PLATINUM

Score: 6.41
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1684 - Social Engineering
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking
MITREへのリンク →

APT37

Score: 8.12
Matched TTPs:
  • T1684 - Social Engineering
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Velvet Ant

Score: 6.59
Matched TTPs:
  • T1684 - Social Engineering
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Medusa Group

Score: 17.74
Matched TTPs:
  • T1218.003 - CMSTP
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1598 - Phishing for Information
  • T1094 - Custom Command and Control Protocol
MITREへのリンク →

LAPSUS$

Score: 10.03
Matched TTPs:
  • T1136.002 - Domain Account
  • T1619 - Cloud Storage Object Discovery
  • T1592.003 - Firmware
MITREへのリンク →

Andariel

Score: 9.56
Matched TTPs:
  • T1136.002 - Domain Account
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

HAFNIUM

Score: 5.63
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1608.005 - Link Target
MITREへのリンク →

Axiom

Score: 14.70
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1160 - Launch Daemon
MITREへのリンク →

INC Ransom

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

POLONIUM

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

Chimera

Score: 6.27
Matched TTPs:
  • T1592.003 - Firmware
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT12

Score: 3.89
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
MITREへのリンク →

Higaisa

Score: 4.33
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
MITREへのリンク →

Tropic Trooper

Score: 4.33
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
MITREへのリンク →

Darkhotel

Score: 3.26
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1002 - Data Compressed
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Daggerfly

Score: 4.60
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1546.016 - Installer Packages
MITREへのリンク →

ToddyCat

Score: 5.36
Matched TTPs:
  • T1665 - Hide Infrastructure
  • T1547.008 - LSASS Driver
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.79
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1606.002 - SAML Tokens
  • T1098.007 - Additional Local or Domain Groups
  • T1197 - BITS Jobs
  • T1566.002 - Spearphishing Link
  • T1033 - System Owner/User Discovery
  • T1684 - Social Engineering
  • T1683.001 - Written Content
  • T1665 - Hide Infrastructure
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1102.003 - One-Way Communication
  • T1003.003 - NTDS
  • T1053.002 - At
  • T1543.003 - Windows Service
  • T1055.014 - VDSO Hijacking
  • T1091 - Replication Through Removable Media
  • T1552.003 - Shell History
MITREへのリンク →

Sandworm Team

Score: 0.74
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1098.007 - Additional Local or Domain Groups
  • T1546.016 - Installer Packages
  • T1033 - System Owner/User Discovery
  • T1566.002 - Spearphishing Link
  • T1049 - System Network Connections Discovery
  • T1005 - Data from Local System
  • T1484.002 - Trust Modification
  • T1218.010 - Regsvr32
  • T1102.003 - One-Way Communication
  • T1543.003 - Windows Service
  • T1564.008 - Email Hiding Rules
  • T1091 - Replication Through Removable Media
  • T1187 - Forced Authentication
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る