Andromeda Botnet Targets Italy in Recent Spam Campaigns
Overview
Over the past month, Palo Alto Networks has observed two spam campaigns targeting users residing in Italy. The spam emails attempt to install the pervasive Andromeda malware onto victim machines. This malware has been around since 2011 and shows no signs of stopping. A successful compromise attaches the victim's machine to the Andromeda botnet, giving attackers the ability to push plugins or additional malware onto these machines.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 12.11
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1621 - Multi-Factor Authentication Request Generation
- T1556.009 - Conditional Access Policies
Score: 4.13
Matched TTPs:
- T1564.008 - Email Hiding Rules
Score: 7.10
Matched TTPs:
- T1489 - Service Stop
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
Score: 19.60
Matched TTPs:
- T1489 - Service Stop
- T1102.002 - Bidirectional Communication
- T1584.004 - Server
- T1046 - Network Service Discovery
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
- T1566.003 - Spearphishing via Service
Score: 12.14
Matched TTPs:
- T1489 - Service Stop
- T1584.005 - Botnet
- T1102.002 - Bidirectional Communication
- T1584.004 - Server
Score: 7.13
Matched TTPs:
- T1489 - Service Stop
- T1621 - Multi-Factor Authentication Request Generation
Score: 6.12
Matched TTPs:
- T1489 - Service Stop
- T1584.004 - Server
Score: 10.42
Matched TTPs:
- T1584.005 - Botnet
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
Score: 14.41
Matched TTPs:
- T1584.005 - Botnet
- T1614 - System Location Discovery
- T1027.002 - Software Packing
- T1584.004 - Server
- T1046 - Network Service Discovery
Score: 17.50
Matched TTPs:
- T1621 - Multi-Factor Authentication Request Generation
- T1090.004 - Domain Fronting
- T1651 - Cloud Administration Command
- T1027.002 - Software Packing
- T1566.003 - Spearphishing via Service
Score: 4.45
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1027.002 - Software Packing
Score: 6.22
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
Score: 6.69
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 5.23
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1584.004 - Server
Score: 5.06
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1564.001 - Hidden Files and Directories
Score: 13.73
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
- T1669 - Wi-Fi Networks
Score: 4.45
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1027.002 - Software Packing
Score: 4.13
Matched TTPs:
- T1614 - System Location Discovery
Score: 6.19
Matched TTPs:
- T1556.009 - Conditional Access Policies
- T1027.002 - Software Packing
Score: 3.82
Matched TTPs:
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
Score: 4.58
Matched TTPs:
- T1027.002 - Software Packing
- T1566.003 - Spearphishing via Service
Score: 3.82
Matched TTPs:
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
Score: 6.48
Matched TTPs:
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1564.001 - Hidden Files and Directories
Score: 3.82
Matched TTPs:
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
Score: 8.56
Matched TTPs:
- T1046 - Network Service Discovery
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
Score: 4.43
Matched TTPs:
- T1046 - Network Service Discovery
- T1564.001 - Hidden Files and Directories
Score: 4.29
Matched TTPs:
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 4.43
Matched TTPs:
- T1046 - Network Service Discovery
- T1564.001 - Hidden Files and Directories
Score: 4.43
Matched TTPs:
- T1046 - Network Service Discovery
- T1564.001 - Hidden Files and Directories
Score: 4.29
Matched TTPs:
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 4.43
Matched TTPs:
- T1046 - Network Service Discovery
- T1564.001 - Hidden Files and Directories
Threat actors related to this Pulse (inference-based)
Score: 0.78
Matched TTPs:
- T1046 - Network Service Discovery
- T1489 - Service Stop
- T1102.002 - Bidirectional Communication
- T1564.001 - Hidden Files and Directories
- T1566.003 - Spearphishing via Service
- T1584.004 - Server
- T1027.007 - Dynamic API Resolution
Score: 0.70
Matched TTPs:
- T1027.002 - Software Packing
- T1621 - Multi-Factor Authentication Request Generation
- T1566.003 - Spearphishing via Service
- T1651 - Cloud Administration Command
- T1090.004 - Domain Fronting
Score: 0.62
Matched TTPs:
- T1584.005 - Botnet
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1614 - System Location Discovery
- T1584.004 - Server
Score: 0.59
Matched TTPs:
- T1550.001 - Application Access Token
- T1669 - Wi-Fi Networks
- T1564.001 - Hidden Files and Directories
- T1102.002 - Bidirectional Communication
Related CVEs
No CVEs were found for this Pulse.