Trusted Design

NetTraveler APT Targets Russian, European Interests

Overview

Throughout 2016, Proofpoint researchers tracked a cyber-espionage campaign targeting victims in Russia and neighboring countries. The actor utilizes spear phishing campaigns to deliver NetTraveler, also known as TravNet. First observed as early as 2004, NetTraveler is a Trojan used widely in targeted attacks. We believe that this attacker operates out of China. In addition to Russia, targeted regions include neighboring countries such as Mongolia, Belarus, and other European countries. The spear-phishing campaigns we detected use links to RAR-compressed executables and Microsoft Word attachments that exploit the CVE-2012-0158 vulnerability. This particular APT is targeting organizations that include weapons manufacturers, human rights activists, and pro-democracy groups, among others.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 75.82
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1596 - Search Open Technical Databases
  • T1593.002 - Search Engines
  • T1589.003 - Employee Names
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver

Sea Turtle

Score: 14.40
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution

Ember Bear

Score: 23.16
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits

Indrik Spider

Score: 8.97
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information

Agrius

Score: 4.50
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application

Contagious Interview

Score: 37.53
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 71.56
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1588.006 - Vulnerabilities
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1589.003 - Employee Names
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1590.001 - Domain Properties
  • T1204.001 - Malicious Link

Star Blizzard

Score: 17.61
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool

Volt Typhoon

Score: 53.79
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices
  • T1594 - Search Victim-Owned Websites
  • T1588.006 - Vulnerabilities
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1069.001 - Local Groups
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1591.004 - Identify Roles
  • T1027.002 - Software Packing
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases
  • T1124 - System Time Discovery

LAPSUS$

Score: 29.47
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1593.003 - Code Repositories
  • T1588.001 - Malware
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1591.004 - Identify Roles

Andariel

Score: 12.52
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution

Magic Hound

Score: 34.29
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1591.001 - Determine Physical Locations
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 29.77
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1593.003 - Code Repositories
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
  • T1199 - Trusted Relationship

APT28

Score: 49.80
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1557.004 - Evil Twin
  • T1595.002 - Vulnerability Scanning
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1204.001 - Malicious Link

ZIRCONIUM

Score: 27.03
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1027.002 - Software Packing
  • T1665 - Hide Infrastructure
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery

Leviathan

Score: 32.45
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1218.010 - Regsvr32
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 13.86
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link

Silent Librarian

Score: 11.96
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1589.003 - Employee Names
  • T1588.002 - Tool

EXOTIC LILY

Score: 25.38
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

TA578

Score: 6.66
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

FIN13

Score: 10.78
Matched TTPs:
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool

Moonstone Sleet

Score: 18.17
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

Lazarus Group

Score: 25.22
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

OilRig

Score: 27.03
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1583.001 - Domains
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 20.43
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

LuminousMoth

Score: 10.18
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1204.001 - Malicious Link

Salt Typhoon

Score: 11.29
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

APT29

Score: 25.65
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1665 - Hide Infrastructure
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Play

Score: 6.94
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool

Aoqin Dragon

Score: 6.49
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

RedCurl

Score: 13.79
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1199 - Trusted Relationship
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Turla

Score: 27.66
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1027.005 - Indicator Removal from Tools
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery

Ke3chang

Score: 8.26
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool

Mustang Panda

Score: 33.31
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link

TeamTNT

Score: 12.75
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1102 - Web Service
  • T1027.002 - Software Packing

FIN7

Score: 25.50
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery

Storm-0501

Score: 12.64
Matched TTPs:
  • T1588.006 - Vulnerabilities
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
  • T1027.002 - Software Packing

BlackTech

Score: 7.49
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

MuddyWater

Score: 14.65
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link

Confucius

Score: 7.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Mofang

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Sidewinder

Score: 16.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery

Elderwood

Score: 7.23
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

Machete

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Transparent Tribe

Score: 6.69
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

FIN8

Score: 9.80
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link

APT32

Score: 19.25
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT3

Score: 9.50
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

APT1

Score: 7.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1588.002 - Tool

APT33

Score: 13.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Molerats

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Windshift

Score: 8.95
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 11.52
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link

FIN4

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

TA2541

Score: 17.29
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

Earth Lusca

Score: 19.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Storm-1811

Score: 10.87
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1566.003 - Spearphishing via Service

Wizard Spider

Score: 8.66
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1552.006 - Group Policy Preferences
  • T1588.002 - Tool
  • T1204.001 - Malicious Link

Patchwork

Score: 16.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link
  • T1102.001 - Dead Drop Resolver

TA505

Score: 12.53
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

LazyScripter

Score: 14.17
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

APT42

Score: 11.06
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography

APT39

Score: 10.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

Scattered Spider

Score: 17.38
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1598 - Phishing for Information

CURIUM

Score: 13.59
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1584.006 - Web Services
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 18.72
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Saint Bear

Score: 9.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

Tropic Trooper

Score: 7.86
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1518 - Software Discovery

FIN6

Score: 9.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

admin@338

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

BRONZE BUTLER

Score: 11.84
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1124 - System Time Discovery
  • T1102.001 - Dead Drop Resolver

WIRTE

Score: 4.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

menuPass

Score: 7.46
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1199 - Trusted Relationship
  • T1588.002 - Tool

Threat Group-3390

Score: 17.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1608.002 - Upload Tool
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

Gamaredon Group

Score: 21.26
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link

Darkhotel

Score: 4.96
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

BITTER

Score: 6.71
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Inception

Score: 11.23
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

TA551

Score: 3.62
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32

RTM

Score: 4.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.001 - Dead Drop Resolver

APT41

Score: 20.88
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1027.002 - Software Packing
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

Winter Vivern

Score: 15.97
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1595.002 - Vulnerability Scanning
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Higaisa

Score: 4.96
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

APT12

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

APT19

Score: 4.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

Ferocious Kitten

Score: 3.24
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1588.002 - Tool

Malteiro

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft

SideCopy

Score: 9.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery

Tonto Team

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

APT37

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

IndigoZebra

Score: 5.25
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1588.002 - Tool

APT38

Score: 6.65
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1204.001 - Malicious Link

The White Company

Score: 7.01
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

Velvet Ant

Score: 5.78
Matched TTPs:
  • T1040 - Network Sniffing
  • T1573.002 - Asymmetric Cryptography

DarkVishnya

Score: 3.88
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool

BlackByte

Score: 3.44
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application

HEXANE

Score: 19.88
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1534 - Internal Spearphishing
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery

Rocke

Score: 9.33
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1027.002 - Software Packing
  • T1102.001 - Dead Drop Resolver

BackdoorDiplomacy

Score: 4.78
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool

GOLD SOUTHFIELD

Score: 7.50
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566 - Phishing

Medusa Group

Score: 20.32
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access
  • T1027.002 - Software Packing

Fox Kitten

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service

Cinnamon Tempest

Score: 4.84
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 5.07
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

GALLIUM

Score: 7.52
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1027.002 - Software Packing

Volatile Cedar

Score: 8.19
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 8.13
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing

Axiom

Score: 14.41
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1001.002 - Steganography

RedEcho

Score: 4.26
Matched TTPs:
  • T1583.001 - Domains
  • T1573.002 - Asymmetric Cryptography

MoustachedBouncer

Score: 6.59
Matched TTPs:
  • T1659 - Content Injection
  • T1027.002 - Software Packing

Aquatic Panda

Score: 5.90
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1588.002 - Tool

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

POLONIUM

Score: 8.01
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

Chimera

Score: 10.03
Matched TTPs:
  • T1069.001 - Local Groups
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1124 - System Time Discovery

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

Deep Panda

Score: 5.90
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools
  • T1218.010 - Regsvr32

Dark Caracal

Score: 4.58
Matched TTPs:
  • T1027.002 - Software Packing
  • T1566.003 - Spearphishing via Service

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.83
Matched TTPs:
  • T1040 - Network Sniffing
  • T1027.002 - Software Packing
  • T1596 - Search Open Technical Databases
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1583 - Acquire Infrastructure
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1593.002 - Search Engines
  • T1598 - Phishing for Information
  • T1534 - Internal Spearphishing
  • T1657 - Financial Theft
  • T1102.001 - Dead Drop Resolver
  • T1102.002 - Bidirectional Communication
  • T1589.003 - Employee Names
  • T1588.005 - Exploits
  • T1583.006 - Web Services
  • T1566.002 - Spearphishing Link
  • T1593.001 - Social Media
  • T1598.003 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1218.010 - Regsvr32
  • T1594 - Search Victim-Owned Websites
  • T1583.001 - Domains
  • T1190 - Exploit Public-Facing Application
  • T1566 - Phishing
  • T1591 - Gather Victim Org Information

Sandworm Team

Score: 0.82
Matched TTPs:
  • T1040 - Network Sniffing
  • T1586.001 - Social Media Accounts
  • T1588.006 - Vulnerabilities
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1587.001 - Malware
  • T1491.002 - External Defacement
  • T1583 - Acquire Infrastructure
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1584.005 - Botnet
  • T1102.002 - Bidirectional Communication
  • T1589.003 - Employee Names
  • T1591.002 - Business Relationships
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1590.001 - Domain Properties
  • T1199 - Trusted Relationship
  • T1204.001 - Malicious Link
  • T1594 - Search Victim-Owned Websites
  • T1195 - Supply Chain Compromise
  • T1583.001 - Domains
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution

Volt Typhoon

Score: 0.63
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1590 - Gather Victim Network Information
  • T1590.004 - Network Topology
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1027.002 - Software Packing
  • T1124 - System Time Discovery
  • T1592 - Gather Victim Host Information
  • T1069.001 - Local Groups
  • T1596.005 - Scan Databases
  • T1190 - Exploit Public-Facing Application
  • T1591.004 - Identify Roles
  • T1588.006 - Vulnerabilities
  • T1584.008 - Network Devices
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1518 - Software Discovery

APT28

Score: 0.63
Matched TTPs:
  • T1040 - Network Sniffing
  • T1596 - Search Open Technical Databases
  • T1584.008 - Network Devices
  • T1566.001 - Spearphishing Attachment
  • T1557.004 - Evil Twin
  • T1595.002 - Vulnerability Scanning
  • T1588.002 - Tool
  • T1598 - Phishing for Information
  • T1102.002 - Bidirectional Communication
  • T1583.006 - Web Services
  • T1598.003 - Spearphishing Link
  • T1199 - Trusted Relationship
  • T1204.001 - Malicious Link
  • T1589.001 - Credentials
  • T1498 - Network Denial of Service
  • T1583.001 - Domains
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1591 - Gather Victim Org Information

Related CVEs

Pulse – Threat Actor Graph

