Pulse Detail-

EITest uses Adobe Flash to redirect to Angler exploit kit

概要

a shift in tactics by EITest, one of the main gates that drives traffic to the Angler exploit kit. Threat actors commonly use a gate, also known as a traffic detection system (TDS), to filter traffic based on a specific set of predefined criteria. Only the compromised systems that meet the criteria are redirected to the exploit kit. Until February 2016, obfuscated JavaScript injected by EITest on a compromised site contained a simple check to determine if the victim was using Internet Explorer. If so, the JavaScript redirected the browser to the Angler exploit kit's landing page

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

The Many Paths to Angler (score: 0.64)
Large Malvertising Campaign Goes (Almost) Undetected (score: 0.64)
Alienvault Labs: Malvertising leading to the Angler Exploit Kit (score: 0.62)
Web Attack (score: 0.62)
Large Malvertising Campaign Leads to Angler EK & Bunitu Malware (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

Turla

Score: 22.64

Matched TTPs:

T1546.013 - PowerShell Profile
T1099 - Timestomp
T1684 - Social Engineering
T1045 - Software Packing
T1608.005 - Link Target
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages
T1569.002 - Service Execution

MITREへのリンク →

APT32

Score: 22.91

Matched TTPs:

T1546.013 - PowerShell Profile
T1115 - Clipboard Data
T1007 - System Service Discovery
T1684 - Social Engineering
T1592.004 - Client Configurations
T1608.005 - Link Target
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Saint Bear

Score: 5.48

Matched TTPs:

T1546.013 - PowerShell Profile
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

FIN6

Score: 4.72

Matched TTPs:

T1546.013 - PowerShell Profile
T1128 - Netsh Helper DLL

MITREへのリンク →

Sidewinder

Score: 4.65

Matched TTPs:

T1546.013 - PowerShell Profile
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

MoustachedBouncer

Score: 8.85

Matched TTPs:

T1546.013 - PowerShell Profile
T1055.003 - Thread Execution Hijacking
T1045 - Software Packing

MITREへのリンク →

MuddyWater

Score: 11.81

Matched TTPs:

T1546.013 - PowerShell Profile
T1547.011 - Plist Modification
T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

Earth Lusca

Score: 13.52

Matched TTPs:

T1546.013 - PowerShell Profile
T1562.004 - Disable or Modify System Firewall
T1045 - Software Packing
T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

Winter Vivern

Score: 12.06

Matched TTPs:

T1546.013 - PowerShell Profile
T1562.004 - Disable or Modify System Firewall
T1548 - Abuse Elevation Control Mechanism
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Silence

Score: 7.18

Matched TTPs:

T1546.013 - PowerShell Profile
T1684 - Social Engineering
T1547.011 - Plist Modification

MITREへのリンク →

Contagious Interview

Score: 14.71

Matched TTPs:

T1546.013 - PowerShell Profile
T1045 - Software Packing
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1221 - Template Injection

MITREへのリンク →

LazyScripter

Score: 3.99

Matched TTPs:

T1546.013 - PowerShell Profile
T1608.005 - Link Target

MITREへのリンク →

TA505

Score: 3.16

Matched TTPs:

T1546.013 - PowerShell Profile
T1556.005 - Reversible Encryption

MITREへのリンク →

FIN7

Score: 16.88

Matched TTPs:

T1546.013 - PowerShell Profile
T1115 - Clipboard Data
T1011.001 - Exfiltration Over Bluetooth
T1608.005 - Link Target
T1573 - Encrypted Channel
T1547.002 - Authentication Package

MITREへのリンク →

Cobalt Group

Score: 15.53

Matched TTPs:

T1546.013 - PowerShell Profile
T1684 - Social Engineering
T1027.014 - Polymorphic Code
T1573 - Encrypted Channel
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

Higaisa

Score: 7.58

Matched TTPs:

T1546.013 - PowerShell Profile
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1569.002 - Service Execution

MITREへのリンク →

Kimsuky

Score: 21.45

Matched TTPs:

T1546.013 - PowerShell Profile
T1684 - Social Engineering
T1602.002 - Network Device Configuration Dump
T1608.005 - Link Target
T1027.014 - Polymorphic Code
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1003.003 - NTDS

MITREへのリンク →

Indrik Spider

Score: 4.81

Matched TTPs:

T1546.013 - PowerShell Profile
T1546.016 - Installer Packages

MITREへのリンク →

Leafminer

Score: 3.74

Matched TTPs:

T1546.013 - PowerShell Profile
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustang Panda

Score: 6.67

Matched TTPs:

T1546.013 - PowerShell Profile
T1608.005 - Link Target
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

TA578

Score: 3.99

Matched TTPs:

T1546.013 - PowerShell Profile
T1608.005 - Link Target

MITREへのリンク →

Magic Hound

Score: 15.04

Matched TTPs:

T1099 - Timestomp
T1562.004 - Disable or Modify System Firewall
T1045 - Software Packing
T1608.005 - Link Target
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

HEXANE

Score: 5.14

Matched TTPs:

T1099 - Timestomp
T1547.002 - Authentication Package

MITREへのリンク →

APT29

Score: 19.97

Matched TTPs:

T1099 - Timestomp
T1562.004 - Disable or Modify System Firewall
T1547.011 - Plist Modification
T1592.004 - Client Configurations
T1608.005 - Link Target
T1218.010 - Regsvr32
T1223 - Compiled HTML File

MITREへのリンク →

Gamaredon Group

Score: 16.99

Matched TTPs:

T1099 - Timestomp
T1684 - Social Engineering
T1045 - Software Packing
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption

MITREへのリンク →

TA2541

Score: 9.96

Matched TTPs:

T1099 - Timestomp
T1684 - Social Engineering
T1608.005 - Link Target
T1128 - Netsh Helper DLL

MITREへのリンク →

Lotus Blossom

Score: 5.67

Matched TTPs:

T1099 - Timestomp
T1569.002 - Service Execution

MITREへのリンク →

FIN13

Score: 9.26

Matched TTPs:

T1099 - Timestomp
T1007 - System Service Discovery
T1556.005 - Reversible Encryption
T1569.002 - Service Execution

MITREへのリンク →

HAFNIUM

Score: 10.48

Matched TTPs:

T1099 - Timestomp
T1059 - Command and Scripting Interpreter
T1608.005 - Link Target
T1556.005 - Reversible Encryption

MITREへのリンク →

Volt Typhoon

Score: 10.85

Matched TTPs:

T1099 - Timestomp
T1045 - Software Packing
T1546.016 - Installer Packages
T1569.002 - Service Execution

MITREへのリンク →

FIN8

Score: 6.68

Matched TTPs:

T1099 - Timestomp
T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

Transparent Tribe

Score: 6.29

Matched TTPs:

T1115 - Clipboard Data
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

LuminousMoth

Score: 4.22

Matched TTPs:

T1115 - Clipboard Data
T1556.005 - Reversible Encryption

MITREへのリンク →

Dragonfly

Score: 17.04

Matched TTPs:

T1115 - Clipboard Data
T1007 - System Service Discovery
T1562.004 - Disable or Modify System Firewall
T1573 - Encrypted Channel
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

CURIUM

Score: 4.80

Matched TTPs:

T1115 - Clipboard Data
T1059.012 - Hypervisor CLI

MITREへのリンク →

Threat Group-3390

Score: 10.41

Matched TTPs:

T1115 - Clipboard Data
T1573 - Encrypted Channel
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Mustard Tempest

Score: 4.80

Matched TTPs:

T1115 - Clipboard Data
T1059.012 - Hypervisor CLI

MITREへのリンク →

Tonto Team

Score: 6.64

Matched TTPs:

T1007 - System Service Discovery
T1547.011 - Plist Modification
T1218.010 - Regsvr32

MITREへのリンク →

APT39

Score: 11.66

Matched TTPs:

T1007 - System Service Discovery
T1547.011 - Plist Modification
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1569.002 - Service Execution

MITREへのリンク →

APT41

Score: 15.40

Matched TTPs:

T1007 - System Service Discovery
T1684 - Social Engineering
T1562.004 - Disable or Modify System Firewall
T1045 - Software Packing
T1573 - Encrypted Channel
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

Medusa Group

Score: 11.97

Matched TTPs:

T1007 - System Service Discovery
T1608.005 - Link Target
T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption
T1216 - System Script Proxy Execution

MITREへのリンク →

Chimera

Score: 3.59

Matched TTPs:

T1007 - System Service Discovery
T1556.005 - Reversible Encryption

MITREへのリンク →

APT38

Score: 11.43

Matched TTPs:

T1007 - System Service Discovery
T1684 - Social Engineering
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1216 - System Script Proxy Execution

MITREへのリンク →

BlackByte

Score: 9.89

Matched TTPs:

T1007 - System Service Discovery
T1684 - Social Engineering
T1562.010 - Downgrade Attack
T1556.005 - Reversible Encryption

MITREへのリンク →

Tropic Trooper

Score: 7.83

Matched TTPs:

T1007 - System Service Discovery
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

Wizard Spider

Score: 6.04

Matched TTPs:

T1007 - System Service Discovery
T1684 - Social Engineering
T1556.005 - Reversible Encryption

MITREへのリンク →

APT37

Score: 12.92

Matched TTPs:

T1684 - Social Engineering
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1216 - System Script Proxy Execution

MITREへのリンク →

Velvet Ant

Score: 8.13

Matched TTPs:

T1684 - Social Engineering
T1128 - Netsh Helper DLL
T1569.002 - Service Execution

MITREへのリンク →

PLATINUM

Score: 4.22

Matched TTPs:

T1684 - Social Engineering
T1059.012 - Hypervisor CLI

MITREへのリンク →

Sandworm Team

Score: 15.77

Matched TTPs:

T1562.004 - Disable or Modify System Firewall
T1045 - Software Packing
T1573 - Encrypted Channel
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages

MITREへのリンク →

Leviathan

Score: 11.43

Matched TTPs:

T1562.004 - Disable or Modify System Firewall
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1546.016 - Installer Packages

MITREへのリンク →

Ember Bear

Score: 8.22

Matched TTPs:

T1562.004 - Disable or Modify System Firewall
T1218.010 - Regsvr32
T1003.003 - NTDS

MITREへのリンク →

TeamTNT

Score: 3.78

Matched TTPs:

T1562.004 - Disable or Modify System Firewall
T1556.005 - Reversible Encryption

MITREへのリンク →

APT28

Score: 18.73

Matched TTPs:

T1562.004 - Disable or Modify System Firewall
T1547.011 - Plist Modification
T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1588.003 - Code Signing Certificates

MITREへのリンク →

Lazarus Group

Score: 20.99

Matched TTPs:

T1547.011 - Plist Modification
T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages
T1569.002 - Service Execution
T1216 - System Script Proxy Execution

MITREへのリンク →

APT3

Score: 4.24

Matched TTPs:

T1547.011 - Plist Modification
T1218.010 - Regsvr32

MITREへのリンク →

LAPSUS$

Score: 6.47

Matched TTPs:

T1045 - Software Packing
T1619 - Cloud Storage Object Discovery

MITREへのリンク →

Blue Mockingbird

Score: 5.09

Matched TTPs:

T1045 - Software Packing
T1027.014 - Polymorphic Code

MITREへのリンク →

Windigo

Score: 4.11

Matched TTPs:

T1045 - Software Packing
T1059.012 - Hypervisor CLI

MITREへのリンク →

POLONIUM

Score: 6.75

Matched TTPs:

T1045 - Software Packing
T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

Scattered Spider

Score: 6.47

Matched TTPs:

T1045 - Software Packing
T1619 - Cloud Storage Object Discovery

MITREへのリンク →

BRONZE BUTLER

Score: 8.29

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

ZIRCONIUM

Score: 4.41

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

Confucius

Score: 4.69

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

TA551

Score: 3.93

Matched TTPs:

T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption

MITREへのリンク →

Inception

Score: 5.43

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1556.005 - Reversible Encryption

MITREへのリンク →

WIRTE

Score: 3.93

Matched TTPs:

T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption

MITREへのリンク →

APT19

Score: 5.70

Matched TTPs:

T1027.014 - Polymorphic Code
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption

MITREへのリンク →

Daggerfly

Score: 8.72

Matched TTPs:

T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages

MITREへのリンク →

Moonstone Sleet

Score: 4.12

Matched TTPs:

T1573 - Encrypted Channel
T1556.005 - Reversible Encryption

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Axiom

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Darkhotel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

OilRig

Score: 9.97

Matched TTPs:

T1218.010 - Regsvr32
T1592.002 - Software
T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

RedCurl

Score: 3.93

Matched TTPs:

T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

RedEcho

Score: 3.93

Matched TTPs:

T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

APT42

Score: 3.93

Matched TTPs:

T1128 - Netsh Helper DLL
T1556.005 - Reversible Encryption

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Turla

Score: 0.80

Matched TTPs:

T1099 - Timestomp
T1045 - Software Packing
T1684 - Social Engineering
T1546.013 - PowerShell Profile
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages
T1608.005 - Link Target
T1547.002 - Authentication Package
T1569.002 - Service Execution
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT32

Score: 0.80

Matched TTPs:

T1218.010 - Regsvr32
T1592.004 - Client Configurations
T1115 - Clipboard Data
T1684 - Social Engineering
T1546.013 - PowerShell Profile
T1027.014 - Polymorphic Code
T1556.005 - Reversible Encryption
T1007 - System Service Discovery
T1608.005 - Link Target
T1059.012 - Hypervisor CLI

MITREへのリンク →

Kimsuky

Score: 0.72

Matched TTPs:

T1027.014 - Polymorphic Code
T1546.013 - PowerShell Profile
T1684 - Social Engineering
T1602.002 - Network Device Configuration Dump
T1556.005 - Reversible Encryption
T1608.005 - Link Target
T1547.002 - Authentication Package
T1003.003 - NTDS

MITREへのリンク →

Lazarus Group

Score: 0.72

Matched TTPs:

T1218.010 - Regsvr32
T1556.005 - Reversible Encryption
T1216 - System Script Proxy Execution
T1546.016 - Installer Packages
T1608.005 - Link Target
T1547.002 - Authentication Package
T1569.002 - Service Execution
T1547.011 - Plist Modification
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT29

Score: 0.69

Matched TTPs:

T1099 - Timestomp
T1218.010 - Regsvr32
T1562.004 - Disable or Modify System Firewall
T1592.004 - Client Configurations
T1223 - Compiled HTML File
T1608.005 - Link Target
T1547.011 - Plist Modification

MITREへのリンク →

APT28

Score: 0.65

Matched TTPs:

T1218.010 - Regsvr32
T1562.004 - Disable or Modify System Firewall
T1556.005 - Reversible Encryption
T1588.003 - Code Signing Certificates
T1608.005 - Link Target
T1547.002 - Authentication Package
T1547.011 - Plist Modification
T1059.012 - Hypervisor CLI

MITREへのリンク →

FIN7

Score: 0.62

Matched TTPs:

T1115 - Clipboard Data
T1547.002 - Authentication Package
T1546.013 - PowerShell Profile
T1573 - Encrypted Channel
T1608.005 - Link Target
T1011.001 - Exfiltration Over Bluetooth

MITREへのリンク →

Dragonfly

Score: 0.61

Matched TTPs:

T1218.010 - Regsvr32
T1562.004 - Disable or Modify System Firewall
T1115 - Clipboard Data
T1573 - Encrypted Channel
T1007 - System Service Discovery
T1546.016 - Installer Packages
T1059.012 - Hypervisor CLI

MITREへのリンク →

Gamaredon Group

Score: 0.60

Matched TTPs:

T1099 - Timestomp
T1045 - Software Packing
T1684 - Social Engineering
T1562.010 - Downgrade Attack
T1556.005 - Reversible Encryption
T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

APT41

Score: 0.56

Matched TTPs:

T1218.010 - Regsvr32
T1045 - Software Packing
T1562.004 - Disable or Modify System Firewall
T1684 - Social Engineering
T1573 - Encrypted Channel
T1556.005 - Reversible Encryption
T1007 - System Service Discovery

MITREへのリンク →

Sandworm Team

Score: 0.56

Matched TTPs:

T1218.010 - Regsvr32
T1045 - Software Packing
T1562.004 - Disable or Modify System Firewall
T1573 - Encrypted Channel
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages
T1547.002 - Authentication Package

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

EITest uses Adobe Flash to redirect to Angler exploit kit

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ