Trusted Design

Threat Spotlight: Spin to Win...Malware

Summary

The threat landscape is ever changing, and adversaries are always working to find more efficient ways to compromise users. One of the many ways users are driven to malicious content is through malicious advertisements, known as malvertising. Talos has been monitoring several large-scale malvertising campaigns, how the initial exploits occur, and the payloads that are downloaded as a result.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Lazarus Group

Score: 39.72
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1010 - Application Window Discovery
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
Link to MITRE →

TA577

Score: 6.65
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1566.002 - Spearphishing Link
  • T1204.001 - Malicious Link
Link to MITRE →

Moonstone Sleet

Score: 19.26
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Volt Typhoon

Score: 34.99
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices
  • T1069 - Permission Groups Discovery
  • T1010 - Application Window Discovery
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1012 - Query Registry
  • T1584.004 - Server
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases
Link to MITRE →

LAPSUS$

Score: 23.80
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1213.005 - Messaging Applications
Link to MITRE →

Contagious Interview

Score: 40.40
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1593.001 - Social Media
  • T1543.001 - Launch Agent
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Ember Bear

Score: 24.97
Matched TTPs:
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
  • T1588.005 - Exploits
Link to MITRE →

Sandworm Team

Score: 55.86
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server
  • T1204.001 - Malicious Link
Link to MITRE →

Winnti Group

Score: 3.29
Matched TTPs:
  • T1014 - Rootkit
Link to MITRE →

APT41

Score: 29.95
Matched TTPs:
  • T1014 - Rootkit
  • T1069 - Permission Groups Discovery
  • T1574.001 - DLL
  • T1595.002 - Vulnerability Scanning
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1012 - Query Registry
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Rocke

Score: 15.38
Matched TTPs:
  • T1014 - Rootkit
  • T1102 - Web Service
  • T1027.004 - Compile After Delivery
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

TeamTNT

Score: 18.79
Matched TTPs:
  • T1014 - Rootkit
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1102 - Web Service
  • T1595.001 - Scanning IP Blocks
Link to MITRE →

APT28

Score: 42.93
Matched TTPs:
  • T1014 - Rootkit
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
  • T1550.001 - Application Access Token
  • T1211 - Exploitation for Defense Evasion
Link to MITRE →

UNC3886

Score: 13.47
Matched TTPs:
  • T1014 - Rootkit
  • T1587.001 - Malware
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
Link to MITRE →

ZIRCONIUM

Score: 21.16
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1012 - Query Registry
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link
Link to MITRE →

Leviathan

Score: 23.38
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1102.003 - One-Way Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
Link to MITRE →

Mustard Tempest

Score: 18.66
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link
Link to MITRE →

Scattered Spider

Score: 27.12
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1213.005 - Messaging Applications
Link to MITRE →

TA505

Score: 15.22
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1553.005 - Mark-of-the-Web Bypass
  • T1588.002 - Tool
  • T1204.001 - Malicious Link
Link to MITRE →

APT3

Score: 9.32
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

FIN13

Score: 15.34
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1587.001 - Malware
  • T1574.001 - DLL
  • T1036 - Masquerading
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
Link to MITRE →

Kimsuky

Score: 53.54
Matched TTPs:
  • T1587.001 - Malware
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1012 - Query Registry
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Indrik Spider

Score: 7.16
Matched TTPs:
  • T1587.001 - Malware
  • T1012 - Query Registry
  • T1584.004 - Server
Link to MITRE →

OilRig

Score: 27.29
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1573.002 - Asymmetric Cryptography
  • T1012 - Query Registry
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

LuminousMoth

Score: 17.62
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

APT29

Score: 26.38
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1553.005 - Mark-of-the-Web Bypass
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1027.006 - HTML Smuggling
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Play

Score: 5.47
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
Link to MITRE →

Aoqin Dragon

Score: 6.62
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
Link to MITRE →

RedCurl

Score: 20.41
Matched TTPs:
  • T1587.001 - Malware
  • T1080 - Taint Shared Content
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1056.002 - GUI Input Capture
  • T1573.002 - Asymmetric Cryptography
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

Turla

Score: 25.60
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
Link to MITRE →

Ke3chang

Score: 10.41
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1588.002 - Tool
  • T1614.001 - System Language Discovery
Link to MITRE →

Mustang Panda

Score: 43.70
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

FIN7

Score: 29.43
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1583.006 - Web Services
  • T1497.002 - User Activity Based Checks
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

Darkhotel

Score: 10.83
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
Link to MITRE →

Gamaredon Group

Score: 36.77
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1102.003 - One-Way Communication
  • T1588.002 - Tool
  • T1001 - Data Obfuscation
  • T1102.002 - Bidirectional Communication
  • T1012 - Query Registry
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link
Link to MITRE →

BRONZE BUTLER

Score: 17.50
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1574.001 - DLL
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Cinnamon Tempest

Score: 8.55
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1574.001 - DLL
  • T1657 - Financial Theft
  • T1588.002 - Tool
Link to MITRE →

BlackTech

Score: 6.88
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

MuddyWater

Score: 17.66
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
Link to MITRE →

Confucius

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

Sidewinder

Score: 14.86
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1574.001 - DLL
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
Link to MITRE →

Elderwood

Score: 6.07
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Machete

Score: 4.57
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Transparent Tribe

Score: 11.77
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

Evilnum

Score: 4.54
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1204.001 - Malicious Link
Link to MITRE →

FIN8

Score: 8.93
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link
Link to MITRE →

APT32

Score: 27.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
Link to MITRE →

APT1

Score: 4.75
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1588.002 - Tool
Link to MITRE →

APT33

Score: 5.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

EXOTIC LILY

Score: 15.16
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Magic Hound

Score: 24.87
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Windshift

Score: 12.03
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Cobalt Group

Score: 10.82
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link
Link to MITRE →

FIN4

Score: 6.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1056.002 - GUI Input Capture
  • T1204.001 - Malicious Link
Link to MITRE →

TA2541

Score: 12.85
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link
Link to MITRE →

Earth Lusca

Score: 22.65
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
Link to MITRE →

Storm-1811

Score: 17.82
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1574.001 - DLL
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Wizard Spider

Score: 3.66
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1204.001 - Malicious Link
Link to MITRE →

Patchwork

Score: 14.39
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

LazyScripter

Score: 13.96
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
Link to MITRE →

APT42

Score: 9.54
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
Link to MITRE →

APT39

Score: 8.29
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1012 - Query Registry
  • T1204.001 - Malicious Link
Link to MITRE →

Silent Librarian

Score: 3.31
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1588.002 - Tool
Link to MITRE →

Star Blizzard

Score: 12.19
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
Link to MITRE →

CURIUM

Score: 13.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Dragonfly

Score: 27.66
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
Link to MITRE →

Chimera

Score: 4.82
Matched TTPs:
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1012 - Query Registry
Link to MITRE →

Velvet Ant

Score: 8.61
Matched TTPs:
  • T1574.001 - DLL
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion
Link to MITRE →

RTM

Score: 6.79
Matched TTPs:
  • T1574.001 - DLL
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Tonto Team

Score: 3.23
Matched TTPs:
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Aquatic Panda

Score: 7.63
Matched TTPs:
  • T1574.001 - DLL
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1588.002 - Tool
Link to MITRE →

Higaisa

Score: 3.23
Matched TTPs:
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Tropic Trooper

Score: 15.01
Matched TTPs:
  • T1574.001 - DLL
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1518 - Software Discovery
  • T1564.001 - Hidden Files and Directories
Link to MITRE →

SideCopy

Score: 10.08
Matched TTPs:
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery
Link to MITRE →

Daggerfly

Score: 12.86
Matched TTPs:
  • T1574.001 - DLL
  • T1195.002 - Compromise Software Supply Chain
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
Link to MITRE →

Threat Group-3390

Score: 20.15
Matched TTPs:
  • T1574.001 - DLL
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1012 - Query Registry
  • T1189 - Drive-by Compromise
Link to MITRE →

BackdoorDiplomacy

Score: 5.04
Matched TTPs:
  • T1574.001 - DLL
  • T1588.001 - Malware
  • T1588.002 - Tool
Link to MITRE →

APT19

Score: 4.35
Matched TTPs:
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
Link to MITRE →

menuPass

Score: 4.77
Matched TTPs:
  • T1574.001 - DLL
  • T1036 - Masquerading
  • T1588.002 - Tool
Link to MITRE →

HAFNIUM

Score: 20.82
Matched TTPs:
  • T1583.005 - Botnet
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
Link to MITRE →

APT5

Score: 3.84
Matched TTPs:
  • T1583.005 - Botnet
Link to MITRE →

APT38

Score: 12.36
Matched TTPs:
  • T1565.003 - Runtime Data Manipulation
  • T1553.005 - Mark-of-the-Web Bypass
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

BlackByte

Score: 11.67
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1491.001 - Internal Defacement
  • T1614.001 - System Language Discovery
  • T1012 - Query Registry
Link to MITRE →

BITTER

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
Link to MITRE →

HEXANE

Score: 11.81
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1518 - Software Discovery
Link to MITRE →

Saint Bear

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

Winter Vivern

Score: 11.53
Matched TTPs:
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

PLATINUM

Score: 3.95
Matched TTPs:
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
Link to MITRE →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection
Link to MITRE →

Medusa Group

Score: 21.34
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access
  • T1218.014 - MMC
Link to MITRE →

Volatile Cedar

Score: 6.72
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning
Link to MITRE →

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
Link to MITRE →

Andariel

Score: 9.56
Matched TTPs:
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
Link to MITRE →

Axiom

Score: 14.70
Matched TTPs:
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1553 - Subvert Trust Controls
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
Link to MITRE →

Inception

Score: 7.61
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
Link to MITRE →

FIN6

Score: 8.64
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Fox Kitten

Score: 8.60
Matched TTPs:
  • T1102 - Web Service
  • T1012 - Query Registry
  • T1213.005 - Messaging Applications
Link to MITRE →

INC Ransom

Score: 6.66
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
Link to MITRE →

Malteiro

Score: 6.14
Matched TTPs:
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
Link to MITRE →

Storm-0501

Score: 6.14
Matched TTPs:
  • T1657 - Financial Theft
  • T1614.001 - System Language Discovery
Link to MITRE →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
Link to MITRE →

POLONIUM

Score: 5.26
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
Link to MITRE →

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
Link to MITRE →

Sea Turtle

Score: 9.25
Matched TTPs:
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
Link to MITRE →

Lotus Blossom

Score: 3.08
Matched TTPs:
  • T1588.002 - Tool
  • T1012 - Query Registry
Link to MITRE →

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
Link to MITRE →

GOLD SOUTHFIELD

Score: 6.21
Matched TTPs:
  • T1566 - Phishing
  • T1195.002 - Compromise Software Supply Chain
Link to MITRE →

APT37

Score: 5.66
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
Link to MITRE →

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Windigo

Score: 4.51
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.82
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1584.005 - Botnet
  • T1499 - Endpoint Denial of Service
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1591.002 - Business Relationships
  • T1595.002 - Vulnerability Scanning
  • T1608.001 - Upload Malware
  • T1566.002 - Spearphishing Link
  • T1592.002 - Software
  • T1491.002 - External Defacement
  • T1195.002 - Compromise Software Supply Chain
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1586.001 - Social Media Accounts
Link to MITRE →

Kimsuky

Score: 0.76
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1102.002 - Bidirectional Communication
  • T1593.001 - Social Media
  • T1566 - Phishing
  • T1598 - Phishing for Information
  • T1027.012 - LNK Icon Smuggling
  • T1012 - Query Registry
  • T1593.002 - Search Engines
  • T1583.006 - Web Services
  • T1608.001 - Upload Malware
  • T1588.005 - Exploits
  • T1566.002 - Spearphishing Link
  • T1176.001 - Browser Extensions
  • T1102.001 - Dead Drop Resolver
  • T1657 - Financial Theft
  • T1587.001 - Malware
Link to MITRE →

APT28

Score: 0.66
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1014 - Rootkit
  • T1583.006 - Web Services
  • T1595.002 - Vulnerability Scanning
  • T1102.002 - Bidirectional Communication
  • T1498 - Network Denial of Service
  • T1598.003 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1550.001 - Application Access Token
  • T1211 - Exploitation for Defense Evasion
  • T1203 - Exploitation for Client Execution
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1564.001 - Hidden Files and Directories
  • T1036 - Masquerading
  • T1584.008 - Network Devices
Link to MITRE →

Mustang Panda

Score: 0.64
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1574.001 - DLL
  • T1593 - Search Open Websites/Domains
  • T1608 - Stage Capabilities
  • T1518 - Software Discovery
  • T1564.001 - Hidden Files and Directories
  • T1608.001 - Upload Malware
  • T1027.012 - LNK Icon Smuggling
  • T1027.007 - Dynamic API Resolution
  • T1587.001 - Malware
  • T1678 - Delay Execution
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1102 - Web Service
  • T1203 - Exploitation for Client Execution
  • T1598.003 - Spearphishing Link
Link to MITRE →

Contagious Interview

Score: 0.61
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1657 - Financial Theft
  • T1588.007 - Artificial Intelligence
  • T1593.001 - Social Media
  • T1608.001 - Upload Malware
  • T1543.001 - Launch Agent
  • T1587.001 - Malware
  • T1204.004 - Malicious Copy and Paste
  • T1588.002 - Tool
  • T1681 - Search Threat Vendor Data
  • T1036 - Masquerading
Link to MITRE →

Lazarus Group

Score: 0.59
Matched TTPs:
  • T1566.003 - Spearphishing via Service
  • T1583.006 - Web Services
  • T1574.001 - DLL
  • T1102.002 - Bidirectional Communication
  • T1010 - Application Window Discovery
  • T1189 - Drive-by Compromise
  • T1027.009 - Embedded Payloads
  • T1027.007 - Dynamic API Resolution
  • T1587.001 - Malware
  • T1584.004 - Server
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
  • T1203 - Exploitation for Client Execution
  • T1012 - Query Registry
  • T1491.001 - Internal Defacement
Link to MITRE →

Gamaredon Group

Score: 0.55
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery
  • T1001 - Data Obfuscation
  • T1608.001 - Upload Malware
  • T1102.003 - One-Way Communication
  • T1588.002 - Tool
  • T1102 - Web Service
  • T1027.012 - LNK Icon Smuggling
  • T1012 - Query Registry
  • T1080 - Taint Shared Content
  • T1491.001 - Internal Defacement
Link to MITRE →

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

