Trusted Design

New purchasing Order.doc Banking Trojan

Overview

Signatures
  • Starts servers listening on 0.0.0.0:17438
  • File has been identified by at least one AntiVirus on VirusTotal as malicious
  • Performs some HTTP requests
  • A process attempted to delay the analysis task by a long amount of time.
  • Tries to unhook Windows functions monitored by Cuckoo
  • Steals private information from local Internet browsers
  • Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate)
  • Creates Zeus (Banking Trojan) mutexes
  • Operates on local firewall's policies and settings
  • Installs itself for autorun at Windows startup

Created: 2026-02-23
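The signature list above is Cuckoo sandbox output, and two of its entries (the long sleep and the attempt to unhook the monitored functions) mean the rest of the list is a lower bound on what the sample does. As an added example, not part of the original pulse, the following Python maps each signature description to an ATT&CK technique, pulls out the listening socket, and flags the run as incomplete when evasion signatures are present. The report layout (a top-level `signatures` list with `description`, `severity` and `marks`) is assumed from Cuckoo 2.x; the severities and the `marks` entry in the sample are constructed, and the description-to-technique mapping is this example's own, not Cuckoo's.

```python
"""Triage a Cuckoo-style sandbox report by mapping its signatures to ATT&CK.

Added example for this page. SAMPLE_REPORT is constructed: the description
strings are the ones listed on the page, the severities and marks are invented,
and the report layout is assumed from Cuckoo 2.x.
"""
import json
import re

# Substring of the Cuckoo signature description -> (technique, name, tactic).
# Technique IDs are MITRE ATT&CK Enterprise; the pairing is this example's choice.
DESCRIPTION_TO_ATTACK = [
    # Zeus-family bots open a local back-connect listener; a generic listener
    # on a high port could equally be filed under T1571 Non-Standard Port.
    (r"listening on", ("T1090", "Proxy", "command-and-control")),
    (r"HTTP requests", ("T1071.001", "Web Protocols", "command-and-control")),
    (r"delay the analysis", ("T1497.003", "Time Based Evasion", "defense-evasion")),
    (r"unhook", ("T1562.001", "Disable or Modify Tools", "defense-evasion")),
    (r"Internet browsers", ("T1555.003", "Credentials from Web Browsers", "credential-access")),
    (r"fingerprint the system", ("T1082", "System Information Discovery", "discovery")),
    (r"mutexes", ("T1480.002", "Mutual Exclusion", "defense-evasion")),
    (r"firewall", ("T1562.004", "Disable or Modify System Firewall", "defense-evasion")),
    (r"autorun at Windows startup", ("T1547.001", "Registry Run Keys / Startup Folder", "persistence")),
]

# Constructed report mirroring the page's signature list (severities/marks invented).
SAMPLE_REPORT = json.loads(r"""
{
  "info": {"score": 8.4},
  "signatures": [
    {"description": "Starts servers listening on 0.0.0.0:17438", "severity": 2,
     "marks": [{"type": "generic", "listening": "0.0.0.0:17438"}]},
    {"description": "File has been identified by at least one AntiVirus on VirusTotal as malicious", "severity": 2},
    {"description": "Performs some HTTP requests", "severity": 2},
    {"description": "A process attempted to delay the analysis task by a long amount of time.", "severity": 2},
    {"description": "Tries to unhook Windows functions monitored by Cuckoo", "severity": 3},
    {"description": "Steals private information from local Internet browsers", "severity": 3},
    {"description": "Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate)", "severity": 2},
    {"description": "Creates Zeus (Banking Trojan) mutexes", "severity": 3},
    {"description": "Operates on local firewall's policies and settings", "severity": 3},
    {"description": "Installs itself for autorun at Windows startup", "severity": 3}
  ]
}
""")


def map_signatures(report):
    """Return [(technique_id, name, tactic, description)] for each mappable signature."""
    mapped = []
    for sig in report.get("signatures", []):
        desc = sig.get("description", "")
        for pattern, (tid, name, tactic) in DESCRIPTION_TO_ATTACK:
            if re.search(pattern, desc, re.IGNORECASE):
                mapped.append((tid, name, tactic, desc))
                break  # first matching rule wins
    return mapped


def listening_ports(report):
    """Collect host:port strings from signature marks that record a listener."""
    return [mark["listening"]
            for sig in report.get("signatures", [])
            for mark in sig.get("marks", [])
            if "listening" in mark]


def triage(report):
    """Summarise the report: techniques, tactics, family hint, and whether to trust it."""
    mapped = map_signatures(report)
    technique_ids = [m[0] for m in mapped]
    evasion = {"T1497.003", "T1562.001"} & set(technique_ids)
    unmapped = [s["description"] for s in report.get("signatures", [])
                if not any(re.search(p, s["description"], re.IGNORECASE)
                           for p, _ in DESCRIPTION_TO_ATTACK)]
    return {
        "techniques": technique_ids,
        "tactics": sorted({m[2] for m in mapped}),
        "family_hint": "Zeus" if any("Zeus" in m[3] for m in mapped) else None,
        "listening": listening_ports(report),
        # Sleeping through the task or unhooking the monitor means the behaviour
        # list is a lower bound: re-run with a longer timeout before trusting it.
        "dynamic_results_incomplete": bool(evasion),
        "unmapped": unmapped,  # reputation hits such as the VirusTotal signature
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_REPORT), indent=2))
```

The VirusTotal hit is deliberately left unmapped: it is a reputation signal, not a technique, and should not be counted as behaviour when the ATT&CK coverage of the sample is compared with actor profiles.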

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Turla

Score: 27.36
Matched TTPs:
  • T1564.012 - File/Path Exclusions
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.006 - Code Signing Policy Modification
  • T1562.001 - Disable or Modify Tools
  • T1027.005 - Indicator Removal from Tools
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1124 - System Time Discovery
  • T1078.003 - Local Accounts

Magic Hound

Score: 7.45
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1189 - Drive-by Compromise

APT29

Score: 13.14
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1090.004 - Domain Fronting
  • T1027.002 - Software Packing
  • T1078.003 - Local Accounts

Gamaredon Group

Score: 8.83
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1027.015 - Compression

TA2541

Score: 10.88
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing
  • T1027.015 - Compression

Lotus Blossom

Score: 4.68
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1543.003 - Windows Service

FIN13

Score: 3.88
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location

HAFNIUM

Score: 5.41
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1078.003 - Local Accounts

Volt Typhoon

Score: 29.18
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1218 - System Binary Proxy Execution
  • T1217 - Browser Information Discovery
  • T1552.004 - Private Keys
  • T1614 - System Location Discovery
  • T1027.002 - Software Packing
  • T1584.004 - Server
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery

FIN8

Score: 5.90
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1588.003 - Code Signing Certificates

TeamTNT

Score: 13.19
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1552.004 - Private Keys
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing
  • T1680 - Local Storage Discovery

BRONZE BUTLER

Score: 7.29
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

APT41

Score: 7.06
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1027.002 - Software Packing

Indrik Spider

Score: 9.61
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1136 - Create Account
  • T1584.004 - Server

FIN7

Score: 14.80
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1674 - Input Injection
  • T1124 - System Time Discovery
  • T1078.003 - Local Accounts

MuddyWater

Score: 7.07
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1218.003 - CMSTP
  • T1562.001 - Disable or Modify Tools

Patchwork

Score: 12.88
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing
  • T1027.005 - Indicator Removal from Tools
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1680 - Local Storage Discovery

Earth Lusca

Score: 12.21
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1547.012 - Print Processors
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

RedCurl

Score: 5.27
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1056.002 - GUI Input Capture

Chimera

Score: 9.85
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1217 - Browser Information Discovery
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery

Aquatic Panda

Score: 4.87
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1562.001 - Disable or Modify Tools

APT32

Score: 10.79
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts

Ke3chang

Score: 3.07
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service

Tropic Trooper

Score: 8.57
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1680 - Local Storage Discovery
  • T1078.003 - Local Accounts

PROMETHIUM

Score: 9.44
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts

LuminousMoth

Score: 3.07
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing

OilRig

Score: 11.31
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1027.005 - Indicator Removal from Tools
  • T1588.003 - Code Signing Certificates

Machete

Score: 6.19
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1218.007 - Msiexec
  • T1189 - Drive-by Compromise

Carbanak

Score: 3.07
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service

Lazarus Group

Score: 32.41
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1218 - System Binary Proxy Execution
  • T1574.013 - KernelCallbackTable
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1529 - System Shutdown/Reboot

Darkhotel

Score: 7.43
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

Blue Mockingbird

Score: 7.61
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1574.012 - COR_PROFILER

Sidewinder

Score: 3.73
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1124 - System Time Discovery

menuPass

Score: 6.36
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing
  • T1036.003 - Rename Legitimate Utilities

APT39

Score: 7.32
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.006 - Code Signing Policy Modification
  • T1027.002 - Software Packing

Velvet Ant

Score: 5.60
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1562.001 - Disable or Modify Tools
  • T1078.003 - Local Accounts

Kimsuky

Score: 17.51
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing
  • T1588.003 - Code Signing Certificates
  • T1680 - Local Storage Discovery
  • T1078.003 - Local Accounts

Silence

Score: 3.07
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing

Fox Kitten

Score: 4.42
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1217 - Browser Information Discovery

ToddyCat

Score: 3.97
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1680 - Local Storage Discovery

SideCopy

Score: 5.27
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1614 - System Location Discovery

Mustang Panda

Score: 10.76
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1553.002 - Code Signing
  • T1678 - Delay Execution
  • T1588.003 - Code Signing Certificates

Sandworm Team

Score: 3.97
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1584.004 - Server

Rocke

Score: 8.43
Matched TTPs:
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1552.004 - Private Keys
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing

Medusa Group

Score: 15.88
Matched TTPs:
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC

APT38

Score: 30.10
Matched TTPs:
  • T1543.003 - Windows Service
  • T1218.007 - Msiexec
  • T1480.002 - Mutual Exclusion
  • T1217 - Browser Information Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1529 - System Shutdown/Reboot

Wizard Spider

Score: 8.82
Matched TTPs:
  • T1543.003 - Windows Service
  • T1553.002 - Code Signing
  • T1562.001 - Disable or Modify Tools
  • T1588.003 - Code Signing Certificates

BlackByte

Score: 3.73
Matched TTPs:
  • T1543.003 - Windows Service
  • T1562.001 - Disable or Modify Tools

APT19

Score: 3.70
Matched TTPs:
  • T1543.003 - Windows Service
  • T1189 - Drive-by Compromise

Threat Group-3390

Score: 12.06
Matched TTPs:
  • T1543.003 - Windows Service
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing
  • T1588.003 - Code Signing Certificates
  • T1027.015 - Compression

APT3

Score: 7.14
Matched TTPs:
  • T1543.003 - Windows Service
  • T1027.005 - Indicator Removal from Tools
  • T1027.002 - Software Packing

Agrius

Score: 3.73
Matched TTPs:
  • T1543.003 - Windows Service
  • T1562.001 - Disable or Modify Tools

Cobalt Group

Score: 6.07
Matched TTPs:
  • T1543.003 - Windows Service
  • T1218.003 - CMSTP

Scattered Spider

Score: 18.43
Matched TTPs:
  • T1553.002 - Code Signing
  • T1217 - Browser Information Discovery
  • T1552.004 - Private Keys
  • T1562.001 - Disable or Modify Tools
  • T1556.009 - Conditional Access Policies
  • T1136 - Create Account

GALLIUM

Score: 10.43
Matched TTPs:
  • T1553.002 - Code Signing
  • T1027.005 - Indicator Removal from Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1027.002 - Software Packing

Saint Bear

Score: 5.79
Matched TTPs:
  • T1553.002 - Code Signing
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing

Molerats

Score: 8.37
Matched TTPs:
  • T1553.002 - Code Signing
  • T1218.007 - Msiexec
  • T1027.015 - Compression

Leviathan

Score: 9.69
Matched TTPs:
  • T1553.002 - Code Signing
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1027.015 - Compression

FIN6

Score: 3.73
Matched TTPs:
  • T1553.002 - Code Signing
  • T1562.001 - Disable or Modify Tools

TA505

Score: 9.07
Matched TTPs:
  • T1553.002 - Code Signing
  • T1218.007 - Msiexec
  • T1562.001 - Disable or Modify Tools
  • T1027.002 - Software Packing

Daggerfly

Score: 9.82
Matched TTPs:
  • T1553.002 - Code Signing
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

Rancor

Score: 3.29
Matched TTPs:
  • T1218.007 - Msiexec

ZIRCONIUM

Score: 7.93
Matched TTPs:
  • T1218.007 - Msiexec
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery

Moonstone Sleet

Score: 3.29
Matched TTPs:
  • T1217 - Browser Information Discovery

Storm-0501

Score: 9.62
Matched TTPs:
  • T1552.004 - Private Keys
  • T1556.009 - Conditional Access Policies
  • T1027.002 - Software Packing

FIN4

Score: 4.13
Matched TTPs:
  • T1056.002 - GUI Input Capture

UNC3886

Score: 7.54
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1027.005 - Indicator Removal from Tools
  • T1124 - System Time Discovery

Play

Score: 4.46
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1078.003 - Local Accounts

Deep Panda

Score: 3.15
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools

APT37

Score: 9.52
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1189 - Drive-by Compromise
  • T1529 - System Shutdown/Reboot

Windshift

Score: 5.90
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1189 - Drive-by Compromise

Sea Turtle

Score: 7.20
Matched TTPs:
  • T1608.003 - Install Digital Certificate
  • T1078.003 - Local Accounts

PLATINUM

Score: 6.30
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1056.004 - Credential API Hooking

Dragonfly

Score: 4.60
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

Dark Caracal

Score: 3.82
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing

Elderwood

Score: 3.82
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1027.002 - Software Packing

CURIUM

Score: 4.36
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

The White Company

Score: 4.65
Matched TTPs:
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Salt Typhoon

Score: 3.84
Matched TTPs:
  • T1136 - Create Account

BlackTech

Score: 3.15
Matched TTPs:
  • T1588.003 - Code Signing Certificates

Higaisa

Score: 8.58
Matched TTPs:
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1027.015 - Compression

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

Lazarus Group

Score: 0.77
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1218 - System Binary Proxy Execution
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1189 - Drive-by Compromise
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1584.004 - Server
  • T1543.003 - Windows Service
  • T1574.013 - KernelCallbackTable
  • T1553.002 - Code Signing
  • T1036.003 - Rename Legitimate Utilities
  • T1529 - System Shutdown/Reboot

APT38

Score: 0.75
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1189 - Drive-by Compromise
  • T1480.002 - Mutual Exclusion
  • T1027.002 - Software Packing
  • T1218.007 - Msiexec
  • T1543.003 - Windows Service
  • T1217 - Browser Information Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1036.003 - Rename Legitimate Utilities
  • T1529 - System Shutdown/Reboot

Volt Typhoon

Score: 0.69
Matched TTPs:
  • T1218 - System Binary Proxy Execution
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1124 - System Time Discovery
  • T1614 - System Location Discovery
  • T1584.004 - Server
  • T1552.004 - Private Keys
  • T1027.002 - Software Packing
  • T1217 - Browser Information Discovery
  • T1680 - Local Storage Discovery
  • T1016.001 - Internet Connection Discovery

Turla

Score: 0.69
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1124 - System Time Discovery
  • T1036.005 - Match Legitimate Resource Name or Location
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1027.005 - Indicator Removal from Tools
  • T1553.006 - Code Signing Policy Modification
  • T1078.003 - Local Accounts
  • T1564.012 - File/Path Exclusions
  • T1016.001 - Internet Connection Discovery
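The fact-based and inference-based lists above rank actors by overlap with the pulse's TTPs, and the page does not say how the Score values are derived. Most of the overlap is on techniques that almost every listed group shares (T1036.005 Match Legitimate Resource Name or Location, T1562.001 Disable or Modify Tools, T1016.001 Internet Connection Discovery), which is why commodity banker behaviour ends up "matching" state-sponsored groups. As an added illustration, not the site's scoring, the following Python weights each technique by how rarely it appears across the actors and compares that with a raw overlap count. The actor sets are copied from the Matched TTPs lists above for nine of the actors, so each set is only the intersection with this pulse rather than the group's full ATT&CK profile, and the frequencies are a toy statistic over that hand-picked subset, not over the ATT&CK group corpus.

```python
"""Show how much of a TTP-overlap score comes from generic techniques.

Added example; it is not the scoring used on this page. MATCHED is copied from
the page's "Matched TTPs" lists for nine actors, so each set is only the
intersection with the pulse (not a full actor profile) and the sample is small:
the frequencies below are illustrative, not an ATT&CK corpus statistic.
"""
import math
from collections import Counter

MATCHED = {
    "Lazarus Group": {"T1036.005", "T1543.003", "T1553.002", "T1218", "T1574.013", "T1562.001",
                      "T1036.003", "T1189", "T1584.004", "T1680", "T1124", "T1529"},
    "APT38": {"T1543.003", "T1218.007", "T1480.002", "T1217", "T1562.013", "T1562.001",
              "T1036.003", "T1189", "T1027.002", "T1529"},
    "Volt Typhoon": {"T1016.001", "T1036.005", "T1218", "T1217", "T1552.004", "T1614",
                     "T1027.002", "T1584.004", "T1680", "T1124"},
    "Turla": {"T1564.012", "T1016.001", "T1036.005", "T1553.006", "T1562.001", "T1027.005",
              "T1189", "T1584.004", "T1124", "T1078.003"},
    "Kimsuky": {"T1036.005", "T1543.003", "T1553.002", "T1562.001", "T1027.002", "T1588.003",
                "T1680", "T1078.003"},
    "Magic Hound": {"T1016.001", "T1036.005", "T1562.001", "T1189"},
    "FIN13": {"T1016.001", "T1036.005"},
    "Carbanak": {"T1036.005", "T1543.003"},
    "Silence": {"T1036.005", "T1553.002"},
}


def technique_idf(profiles):
    """log(N / df) per technique: one matched by every actor in the sample weighs 0."""
    n = len(profiles)
    df = Counter(t for ttps in profiles.values() for t in ttps)
    return {t: math.log(n / c) for t, c in df.items()}


def commodity_techniques(profiles, share=0.5):
    """Techniques matched by at least `share` of the actors; they do not discriminate."""
    n = len(profiles)
    df = Counter(t for ttps in profiles.values() for t in ttps)
    return sorted(t for t, c in df.items() if c / n >= share)


def rank(profiles):
    """Return [(actor, raw_overlap, idf_weighted)] sorted by the weighted score."""
    idf = technique_idf(profiles)
    rows = [(actor, len(ttps), round(sum(idf[t] for t in ttps), 2))
            for actor, ttps in profiles.items()]
    return sorted(rows, key=lambda r: r[2], reverse=True)


if __name__ == "__main__":
    print("commodity techniques:", commodity_techniques(MATCHED))
    for actor, raw, weighted in rank(MATCHED):
        print(f"{actor:15s} raw={raw:2d} weighted={weighted:6.2f}")
```

On this sample the raw count puts Lazarus Group first (12 matches) while the weighted score puts APT38 first, solely because three of its matches (T1218.007, T1480.002, T1562.013) occur in no other listed actor; T1036.005, shared by eight of the nine, contributes about 0.12 to every actor that has it. Neither number is attribution: without a discriminating indicator (an IOC, an infrastructure overlap, or a technique that is genuinely rare across the full ATT&CK group corpus) a TTP-overlap score on generic techniques should be read as "nothing rules this out", not as "this actor is implicated".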

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

