Trusted Design

Malicious VBScript file delivers Pony Loader

Summary

Researchers observed a spam campaign distributing a malicious Visual Basic script (VBScript) that delivers the Pony Loader credential-stealing malware. The subject of the emails was "UPDATED STATEMENT & INVOICE #725563" and the sender was purportedly "CREDIT & COLLECTION <florinda.bento@maersk . com>," although it is unclear if the emails were sent from this account or if the address was forged. CTU researchers observed a low volume of this spam distributed to organizations in multiple verticals and do not believe the activity was targeted. In January 2016, the same email address was observed distributing the Adwind remote access trojan (RAT).

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

APT32

Score: 17.36
Matched TTPs:
  • T1216.001 - PubPrn
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1569.002 - Service Execution

Scattered Spider

Score: 20.79
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1598.003 - Spearphishing Link
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1598 - Phishing for Information
  • T1021.001 - Remote Desktop Protocol

FIN4

Score: 11.99
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1056.002 - GUI Input Capture
  • T1059.005 - Visual Basic

Ember Bear

Score: 13.40
Matched TTPs:
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

Sandworm Team

Score: 27.87
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1059.005 - Visual Basic

Mustard Tempest

Score: 10.52
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.006 - SEO Poisoning

Kimsuky

Score: 35.89
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1027.012 - LNK Icon Smuggling
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1598 - Phishing for Information
  • T1059.005 - Visual Basic
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery

FIN13

Score: 9.14
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol

Moonstone Sleet

Score: 13.79
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598 - Phishing for Information
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 6.03
Matched TTPs:
  • T1587.001 - Malware
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol

Lazarus Group

Score: 18.45
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1027.007 - Dynamic API Resolution
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

Contagious Interview

Score: 13.08
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1059.005 - Visual Basic
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service

OilRig

Score: 31.59
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1195 - Supply Chain Compromise
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1078.002 - Domain Accounts
  • T1555.004 - Windows Credential Manager
  • T1059.005 - Visual Basic
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 7.52
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

LuminousMoth

Score: 6.00
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware

Salt Typhoon

Score: 3.57
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application

APT29

Score: 15.32
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Play

Score: 8.38
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1078.002 - Domain Accounts

Aoqin Dragon

Score: 3.59
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution

RedCurl

Score: 12.70
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1199 - Trusted Relationship
  • T1056.002 - GUI Input Capture
  • T1059.005 - Visual Basic

Moses Staff

Score: 3.57
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application

Turla

Score: 11.03
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1555.004 - Windows Credential Manager
  • T1059.005 - Visual Basic

Ke3chang

Score: 5.96
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1569.002 - Service Execution

Mustang Panda

Score: 28.10
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1176.002 - IDE Extensions
  • T1027.012 - LNK Icon Smuggling
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1588.003 - Code Signing Certificates
  • T1027.007 - Dynamic API Resolution

TeamTNT

Score: 4.93
Matched TTPs:
  • T1587.001 - Malware
  • T1680 - Local Storage Discovery

FIN7

Score: 20.01
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1674 - Input Injection
  • T1497.002 - User Activity Based Checks
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

BlackTech

Score: 8.44
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates

MuddyWater

Score: 18.98
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1137.001 - Office Template Macros
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1059.005 - Visual Basic

Confucius

Score: 8.05
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1680 - Local Storage Discovery

Mofang

Score: 5.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1027.015 - Compression

Sidewinder

Score: 11.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

Elderwood

Score: 3.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

Machete

Score: 3.72
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic

Transparent Tribe

Score: 5.22
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

FIN8

Score: 7.12
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol

APT3

Score: 10.50
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1021.001 - Remote Desktop Protocol

APT1

Score: 6.43
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1021.001 - Remote Desktop Protocol

Leviathan

Score: 16.90
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1027.015 - Compression

APT33

Score: 5.22
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

ZIRCONIUM

Score: 7.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1598 - Phishing for Information

EXOTIC LILY

Score: 6.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Molerats

Score: 6.88
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic
  • T1027.015 - Compression

Magic Hound

Score: 19.52
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

Windshift

Score: 6.25
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 13.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.003 - CMSTP
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol

TA2541

Score: 9.33
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1059.005 - Visual Basic
  • T1027.015 - Compression

Earth Lusca

Score: 6.78
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1059.005 - Visual Basic

Storm-1811

Score: 16.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1036.010 - Masquerade Account Name
  • T1566.003 - Spearphishing via Service

Wizard Spider

Score: 15.43
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1078.002 - Domain Accounts
  • T1555.004 - Windows Credential Manager
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

TA577

Score: 4.11
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1586.002 - Email Accounts

Patchwork

Score: 12.16
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery

TA505

Score: 8.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1078.002 - Domain Accounts
  • T1059.005 - Visual Basic

LazyScripter

Score: 6.18
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1059.005 - Visual Basic

APT39

Score: 9.24
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

APT28

Score: 24.22
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1669 - Wi-Fi Networks

Star Blizzard

Score: 9.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment

CURIUM

Score: 5.86
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 15.19
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1021.001 - Remote Desktop Protocol

Tropic Trooper

Score: 5.20
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1680 - Local Storage Discovery

FIN6

Score: 7.44
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 3.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

WIRTE

Score: 5.02
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1059.005 - Visual Basic

menuPass

Score: 6.74
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1021.001 - Remote Desktop Protocol

Threat Group-3390

Score: 12.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1027.015 - Compression

Gamaredon Group

Score: 12.90
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1027.012 - LNK Icon Smuggling
  • T1027.004 - Compile After Delivery
  • T1059.005 - Visual Basic
  • T1027.015 - Compression

Darkhotel

Score: 6.50
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution

Inception

Score: 6.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

TA551

Score: 3.62
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32

APT41

Score: 7.88
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Higaisa

Score: 9.76
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1680 - Local Storage Discovery
  • T1027.015 - Compression

TA459

Score: 3.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

Naikon

Score: 3.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1078.002 - Domain Accounts

APT19

Score: 3.62
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32

Malteiro

Score: 4.80
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft
  • T1059.005 - Visual Basic

SideCopy

Score: 5.90
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1059.005 - Visual Basic

Andariel

Score: 4.83
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

APT37

Score: 3.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic

Silence

Score: 6.32
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

IndigoZebra

Score: 3.54
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts

APT38

Score: 4.67
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic
  • T1569.002 - Service Execution

PLATINUM

Score: 5.41
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1056.004 - Credential API Hooking

HEXANE

Score: 5.72
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1059.005 - Visual Basic
  • T1021.001 - Remote Desktop Protocol

LAPSUS$

Score: 12.00
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1199 - Trusted Relationship

Rocke

Score: 5.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1027.004 - Compile After Delivery

Volt Typhoon

Score: 11.86
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol
  • T1680 - Local Storage Discovery

BackdoorDiplomacy

Score: 3.93
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware

GOLD SOUTHFIELD

Score: 7.50
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566 - Phishing

Medusa Group

Score: 12.58
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1218.014 - MMC

Sea Turtle

Score: 12.62
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery

Storm-0501

Score: 6.74
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32

Fox Kitten

Score: 3.12
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1021.001 - Remote Desktop Protocol

Cinnamon Tempest

Score: 6.28
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1078.002 - Domain Accounts

BlackByte

Score: 7.80
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Agrius

Score: 5.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol

ToddyCat

Score: 9.11
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 8.26
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

INC Ransom

Score: 11.32
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1566 - Phishing
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Axiom

Score: 11.52
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1021.001 - Remote Desktop Protocol

HAFNIUM

Score: 7.84
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship

APT5

Score: 5.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol

Aquatic Panda

Score: 6.39
Matched TTPs:
  • T1588.001 - Malware
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Akira

Score: 4.17
Matched TTPs:
  • T1657 - Financial Theft
  • T1021.001 - Remote Desktop Protocol

Chimera

Score: 9.17
Matched TTPs:
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1680 - Local Storage Discovery

Stealth Falcon

Score: 3.62
Matched TTPs:
  • T1555.004 - Windows Credential Manager

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.80
Matched TTPs:
  • T1657 - Financial Theft
  • T1027.012 - LNK Icon Smuggling
  • T1566.002 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1587.001 - Malware
  • T1021.001 - Remote Desktop Protocol
  • T1190 - Exploit Public-Facing Application
  • T1566 - Phishing
  • T1566.001 - Spearphishing Attachment
  • T1059.005 - Visual Basic
  • T1680 - Local Storage Discovery
  • T1598 - Phishing for Information
  • T1588.003 - Code Signing Certificates

OilRig

Score: 0.71
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.003 - Spearphishing via Service
  • T1586.002 - Email Accounts
  • T1587.001 - Malware
  • T1555.004 - Windows Credential Manager
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1021.001 - Remote Desktop Protocol
  • T1059.005 - Visual Basic
  • T1566.001 - Spearphishing Attachment
  • T1137.004 - Outlook Home Page
  • T1195 - Supply Chain Compromise
  • T1588.003 - Code Signing Certificates

Sandworm Team

Score: 0.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1491.002 - External Defacement
  • T1598.003 - Spearphishing Link
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1078.002 - Domain Accounts
  • T1190 - Exploit Public-Facing Application
  • T1059.005 - Visual Basic
  • T1566.001 - Spearphishing Attachment
  • T1199 - Trusted Relationship
  • T1584.005 - Botnet
  • T1195 - Supply Chain Compromise

Mustang Panda

Score: 0.66
Matched TTPs:
  • T1027.012 - LNK Icon Smuggling
  • T1566.002 - Spearphishing Link
  • T1176.002 - IDE Extensions
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1587.001 - Malware
  • T1027.007 - Dynamic API Resolution
  • T1203 - Exploitation for Client Execution
  • T1059.005 - Visual Basic
  • T1566.001 - Spearphishing Attachment
  • T1588.003 - Code Signing Certificates

APT28

Score: 0.61
Matched TTPs:
  • T1669 - Wi-Fi Networks
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1203 - Exploitation for Client Execution
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566.001 - Spearphishing Attachment
  • T1498 - Network Denial of Service
  • T1598 - Phishing for Information

Related CVEs

No CVEs were found for this Pulse.
