Trusted Design

Targeted ransomware campaign

Overview

During the past few weeks, we have received information about a new campaign of targeted ransomware attacks. Instead of the normal modus operandi (phishing attacks or drive-by downloads that lead to automatic execution of ransomware), the attackers gained persistent access to the victim’s network through vulnerability exploitation and spread their access to any connected systems that they could. On each system several tools were used to find, encrypt, and delete the original files as well as any backups. These tools included utilities from Microsoft Sysinternals and parts of open-source projects. After the encryption of the files, a ransom note appears, demanding a payment in Bitcoins to retrieve the files.

Created: 2026-02-23

Threat actors related to this Pulse (fact-based)

HAFNIUM

Score: 4.38
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer

menuPass

Score: 10.66
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1105 - Ingress Tool Transfer

Wizard Spider

Score: 14.51
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1490 - Inhibit System Recovery

APT33

Score: 7.74
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Fox Kitten

Score: 11.44
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1217 - Browser Information Discovery
  • T1210 - Exploitation of Remote Services
  • T1039 - Data from Network Shared Drive
  • T1105 - Ingress Tool Transfer

CopyKittens

Score: 5.59
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1588.002 - Tool

Volt Typhoon

Score: 18.35
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.006 - Vulnerabilities
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
  • T1090.001 - Internal Proxy

APT1

Score: 5.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1588.002 - Tool

Mustang Panda

Score: 14.87
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Play

Score: 5.74
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Chimera

Score: 14.61
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery

Gallmaker

Score: 3.26
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment

Sea Turtle

Score: 7.56
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery

APT39

Score: 9.17
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1090.001 - Internal Proxy

RedCurl

Score: 7.65
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1039 - Data from Network Shared Drive
  • T1204.001 - Malicious Link

Agrius

Score: 3.83
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1570 - Lateral Tool Transfer

GALLIUM

Score: 5.45
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer

APT41

Score: 10.16
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer

MuddyWater

Score: 19.15
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1027.004 - Compile After Delivery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

APT28

Score: 31.66
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1025 - Data from Removable Media
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks

Turla

Score: 17.84
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1025 - Data from Removable Media
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1090.001 - Internal Proxy

Sowbug

Score: 4.63
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1039 - Data from Network Shared Drive

BRONZE BUTLER

Score: 12.44
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer

UNC3886

Score: 15.07
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1588.001 - Malware
  • T1205.001 - Port Knocking
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

Kimsuky

Score: 26.31
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery
  • T1588.005 - Exploits

APT3

Score: 5.22
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

FIN8

Score: 8.58
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Ke3chang

Score: 3.22
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Lotus Blossom

Score: 8.52
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy

FIN13

Score: 8.67
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy

Earth Lusca

Score: 16.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1027.003 - Steganography
  • T1204.001 - Malicious Link

Magic Hound

Score: 18.10
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1573 - Encrypted Channel
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Aquatic Panda

Score: 5.68
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 10.32
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer

Akira

Score: 10.59
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1657 - Financial Theft
  • T1531 - Account Access Removal
  • T1486 - Data Encrypted for Impact

ToddyCat

Score: 6.95
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

FIN6

Score: 8.19
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service

Lazarus Group

Score: 21.85
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1529 - System Shutdown/Reboot

OilRig

Score: 14.26
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 22.06
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1027.004 - Compile After Delivery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression

Malteiro

Score: 4.19
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft

APT12

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

Machete

Score: 3.02
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Elderwood

Score: 5.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Transparent Tribe

Score: 4.52
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Dragonfly

Score: 7.53
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

WIRTE

Score: 3.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Contagious Interview

Score: 12.03
Matched TTPs:
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Aoqin Dragon

Score: 5.37
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer

APT-C-36

Score: 3.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

CURIUM

Score: 4.19
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

Tropic Trooper

Score: 13.42
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery

Dark Caracal

Score: 3.31
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.003 - Spearphishing via Service

TA551

Score: 5.47
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer

HEXANE

Score: 4.39
Matched TTPs:
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Threat Group-3390

Score: 16.79
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1608.002 - Upload Tool
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1027.015 - Compression

BITTER

Score: 10.38
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

APT37

Score: 10.59
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot

LazyScripter

Score: 10.24
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

PROMETHIUM

Score: 4.92
Matched TTPs:
  • T1204.002 - Malicious File
  • T1205.001 - Port Knocking

TA505

Score: 11.42
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Star Blizzard

Score: 4.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool

Higaisa

Score: 12.07
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1680 - Local Storage Discovery
  • T1090.001 - Internal Proxy
  • T1027.015 - Compression

Sandworm Team

Score: 19.82
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.006 - Vulnerabilities
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1490 - Inhibit System Recovery

FIN4

Score: 3.02
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Cobalt Group

Score: 6.14
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Storm-1811

Score: 9.51
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Inception

Score: 4.01
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

EXOTIC LILY

Score: 9.01
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Ajax Security Team

Score: 4.96
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Saint Bear

Score: 8.50
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Patchwork

Score: 8.98
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery

TA459

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

FIN7

Score: 13.72
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Moonstone Sleet

Score: 16.00
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1486 - Data Encrypted for Impact
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Gorgon Group

Score: 3.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

TA2541

Score: 14.24
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression

SideCopy

Score: 4.41
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer

Mofang

Score: 6.17
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
  • T1027.015 - Compression

Leviathan

Score: 11.48
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression

Tonto Team

Score: 6.68
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

Andariel

Score: 9.43
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1105 - Ingress Tool Transfer

APT38

Score: 13.90
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1529 - System Shutdown/Reboot

Molerats

Score: 6.95
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression

admin@338

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

Darkhotel

Score: 3.93
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

APT32

Score: 12.36
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

The White Company

Score: 3.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

IndigoZebra

Score: 5.30
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Silence

Score: 3.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Sidewinder

Score: 5.29
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Indrik Spider

Score: 3.91
Matched TTPs:
  • T1204.002 - Malicious File
  • T1486 - Data Encrypted for Impact
  • T1105 - Ingress Tool Transfer

APT29

Score: 14.30
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Confucius

Score: 10.14
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1680 - Local Storage Discovery

BlackTech

Score: 5.37
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Windshift

Score: 6.32
Matched TTPs:
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Storm-0501

Score: 11.99
Matched TTPs:
  • T1588.006 - Vulnerabilities
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact
  • T1490 - Inhibit System Recovery

Winter Vivern

Score: 3.01
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

LuminousMoth

Score: 7.42
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 4.11
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

TeamTNT

Score: 5.58
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1680 - Local Storage Discovery

BlackByte

Score: 10.61
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1105 - Ingress Tool Transfer
  • T1490 - Inhibit System Recovery

Medusa Group

Score: 30.85
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1650 - Acquire Access
  • T1105 - Ingress Tool Transfer
  • T1490 - Inhibit System Recovery
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC

Scattered Spider

Score: 23.50
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1598 - Phishing for Information
  • T1538 - Cloud Service Dashboard
  • T1105 - Ingress Tool Transfer
  • T1490 - Inhibit System Recovery

Ember Bear

Score: 13.07
Matched TTPs:
  • T1588.001 - Malware
  • T1210 - Exploitation of Remote Services
  • T1203 - Exploitation for Client Execution
  • T1570 - Lateral Tool Transfer
  • T1588.005 - Exploits

LAPSUS$

Score: 7.44
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1531 - Account Access Removal

Metador

Score: 4.08
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

BackdoorDiplomacy

Score: 4.08
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Cinnamon Tempest

Score: 4.15
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact

ZIRCONIUM

Score: 7.59
Matched TTPs:
  • T1583.006 - Web Services
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

FIN10

Score: 3.08
Matched TTPs:
  • T1588.002 - Tool
  • T1570 - Lateral Tool Transfer

Axiom

Score: 6.03
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1001.002 - Steganography

Velvet Ant

Score: 5.16
Matched TTPs:
  • T1570 - Lateral Tool Transfer
  • T1090.001 - Internal Proxy

Rocke

Score: 4.40
Matched TTPs:
  • T1027.004 - Compile After Delivery
  • T1105 - Ingress Tool Transfer

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 7.06
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1090.001 - Internal Proxy

Threat actors related to this Pulse (inference-based)

Medusa Group

Score: 0.84
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1608.002 - Upload Tool
  • T1570 - Lateral Tool Transfer
  • T1218.014 - MMC
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1490 - Inhibit System Recovery
  • T1650 - Acquire Access
  • T1105 - Ingress Tool Transfer
  • T1657 - Financial Theft
  • T1529 - System Shutdown/Reboot

APT28

Score: 0.80
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1210 - Exploitation of Remote Services
  • T1498 - Network Denial of Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1039 - Data from Network Shared Drive
  • T1204.002 - Malicious File
  • T1598 - Phishing for Information
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks

Kimsuky

Score: 0.66
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1657 - Financial Theft
  • T1204.002 - Malicious File
  • T1680 - Local Storage Discovery
  • T1598 - Phishing for Information
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1560.003 - Archive via Custom Method

Scattered Spider

Score: 0.62
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1490 - Inhibit System Recovery
  • T1588.002 - Tool
  • T1538 - Cloud Service Dashboard
  • T1105 - Ingress Tool Transfer
  • T1657 - Financial Theft
  • T1217 - Browser Information Discovery
  • T1598 - Phishing for Information
  • T1588.001 - Malware

Gamaredon Group

Score: 0.58
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027.015 - Compression
  • T1105 - Ingress Tool Transfer
  • T1039 - Data from Network Shared Drive
  • T1204.002 - Malicious File
  • T1566.001 - Spearphishing Attachment
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link

Lazarus Group

Score: 0.58
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1204.002 - Malicious File
  • T1680 - Local Storage Discovery
  • T1529 - System Shutdown/Reboot
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1560.003 - Archive via Custom Method
  • T1090.001 - Internal Proxy

Related CVEs

No CVEs were found for this Pulse.
