Trusted Design

FBI Flash MC-000070-MW

概要

This report is an update to the FLASH released on 18 February 2016, Alert Number MC-000068-MW. Cyber criminals continue to use the ransomware MSIL/Samas.A to encrypt an infected host’s files, allowing them to demand considerable sums of money in return for decryption keys. Actor(s) attempt to infect whole networks with MSIL/Samas.A, increasing the potential of extorting large sums of money from victims. The common method of payment for ransom is Bitcoin (BTC). This update is to provide information about the vulnerabilities and exploits used by the actor(s) for initial intrusion into victim networks.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Jaff Ransomware and Suspicious PDF Delivery (score: 0.65)
Necurs Botnet Fuels Massive Spam Campaigns Spreading Jaff Ransomware (score: 0.65)
Samas Ransomware (score: 0.65)
Locky Ransomware Spreads via Flash and Windows Kernel Exploits (score: 0.65)
Targeted ransomware campaign (score: 0.64)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 4.53

Matched TTPs:

T1560.003 - Archive via Custom Method
T1070.004 - File Deletion

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Mustang Panda

Score: 8.60

Matched TTPs:

T1560.003 - Archive via Custom Method
T1587.001 - Malware
T1608.001 - Upload Malware
T1070.004 - File Deletion

MITREへのリンク →

Kimsuky

Score: 16.73

Matched TTPs:

T1560.003 - Archive via Custom Method
T1587.001 - Malware
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1070.004 - File Deletion
T1588.005 - Exploits

MITREへのリンク →

UNC3886

Score: 8.10

Matched TTPs:

T1560.003 - Archive via Custom Method
T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion

MITREへのリンク →

Lotus Blossom

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Lazarus Group

Score: 6.63

Matched TTPs:

T1560.003 - Archive via Custom Method
T1587.001 - Malware
T1070.004 - File Deletion

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware

MITREへのリンク →

OilRig

Score: 9.07

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1608.001 - Upload Malware
T1070.004 - File Deletion

MITREへのリンク →

Gamaredon Group

Score: 10.13

Matched TTPs:

T1025 - Data from Removable Media
T1608.001 - Upload Malware
T1070.004 - File Deletion
T1027.015 - Compression

MITREへのリンク →

APT28

Score: 14.86

Matched TTPs:

T1025 - Data from Removable Media
T1190 - Exploit Public-Facing Application
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1070.004 - File Deletion
T1669 - Wi-Fi Networks

MITREへのリンク →

Turla

Score: 5.72

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware

MITREへのリンク →

FIN13

Score: 6.09

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Moonstone Sleet

Score: 9.69

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1217 - Browser Information Discovery
T1486 - Data Encrypted for Impact

MITREへのリンク →

Indrik Spider

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1486 - Data Encrypted for Impact

MITREへのリンク →

Contagious Interview

Score: 7.97

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1657 - Financial Theft
T1070.004 - File Deletion

MITREへのリンク →

LuminousMoth

Score: 4.07

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

Sandworm Team

Score: 9.26

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

Salt Typhoon

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

APT29

Score: 9.48

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1090.004 - Domain Fronting
T1070.004 - File Deletion

MITREへのリンク →

Play

Score: 7.47

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1070.004 - File Deletion

MITREへのリンク →

RedCurl

Score: 3.48

Matched TTPs:

T1587.001 - Malware
T1070.004 - File Deletion

MITREへのリンク →

Moses Staff

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Ke3chang

Score: 7.41

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

TeamTNT

Score: 5.45

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1070.004 - File Deletion

MITREへのリンク →

FIN7

Score: 12.42

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1674 - Input Injection
T1486 - Data Encrypted for Impact

MITREへのリンク →

HAFNIUM

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

APT5

Score: 6.70

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion

MITREへのリンク →

TA2541

Score: 5.12

Matched TTPs:

T1608.001 - Upload Malware
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 3.44

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Threat Group-3390

Score: 7.98

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion
T1027.015 - Compression

MITREへのリンク →

SideCopy

Score: 6.11

Matched TTPs:

T1608.001 - Upload Malware
T1614 - System Location Discovery

MITREへのリンク →

TA505

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact

MITREへのリンク →

BlackByte

Score: 7.16

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

APT32

Score: 3.35

Matched TTPs:

T1608.001 - Upload Malware
T1070.004 - File Deletion

MITREへのリンク →

Volt Typhoon

Score: 10.27

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1217 - Browser Information Discovery
T1614 - System Location Discovery
T1070.004 - File Deletion

MITREへのリンク →

Ember Bear

Score: 6.98

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion
T1588.005 - Exploits

MITREへのリンク →

Magic Hound

Score: 5.19

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

Medusa Group

Score: 16.79

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1650 - Acquire Access
T1070.004 - File Deletion
T1218.014 - MMC

MITREへのリンク →

Storm-0501

Score: 6.33

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Fox Kitten

Score: 4.76

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1217 - Browser Information Discovery

MITREへのリンク →

Cinnamon Tempest

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Leviathan

Score: 4.62

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1027.015 - Compression

MITREへのリンク →

INC Ransom

Score: 7.71

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

Axiom

Score: 6.01

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1001.002 - Steganography

MITREへのリンク →

APT41

Score: 5.19

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

APT38

Score: 7.01

Matched TTPs:

T1217 - Browser Information Discovery
T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

Scattered Spider

Score: 8.15

Matched TTPs:

T1217 - Browser Information Discovery
T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Chimera

Score: 4.67

Matched TTPs:

T1217 - Browser Information Discovery
T1070.004 - File Deletion

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

CURIUM

Score: 3.84

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol

MITREへのリンク →

Storm-1811

Score: 6.19

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1486 - Data Encrypted for Impact

MITREへのリンク →

FIN8

Score: 3.72

Matched TTPs:

T1486 - Data Encrypted for Impact
T1070.004 - File Deletion

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1056.004 - Credential API Hooking

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Higaisa

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Medusa Group

Score: 0.85

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion
T1218.014 - MMC
T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1650 - Acquire Access

MITREへのリンク →

Kimsuky

Score: 0.81

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.005 - Exploits
T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1070.004 - File Deletion
T1657 - Financial Theft
T1608.001 - Upload Malware

MITREへのリンク →

APT28

Score: 0.73

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1190 - Exploit Public-Facing Application
T1025 - Data from Removable Media
T1070.004 - File Deletion
T1669 - Wi-Fi Networks

MITREへのリンク →

FIN7

Score: 0.69

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact
T1674 - Input Injection
T1608.001 - Upload Malware

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る