Trusted Design

ESET | Malicious scripts gaining prevalence in Brazil

概要

BY MATÍAS POROLLI POSTED 19 JUL 2016 - 02:30PM | let’s take a look at the top 10 threat detections in Brazil for the first five months of 2016. The most prevalent one is a generic detection of obfuscated scripts. Even though the final payload may vary, below we will see a connection between this kind of detection and banking trojans. Although we will not elaborate on the other nine threats in this article, it is worth noting the many different programming languages and platforms that are being used in attacks that target Brazil today. Name of the Threat Level of Prevalence VBS/Obfuscated.G 10.52% JS/Danger.ScriptAttachment 4.60% VBS/Kryptik.FN 3.50% Win32/Toptools.A 3.09% JS/TrojanDownloader.Iframe.NKE 2.66% Java/TrojanDownloader.Banload.AK 2.24% Java/TrojanDownloader.Banload.AE 2.18% Win32/Toptools.D 2.18% JS/Adware.Agent.L 2.09% JS/Toolbar.Crossrider.G 2.06%

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Turla

Score: 12.61
Matched TTPs:
  • T1056.001 - Keylogging
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Kimsuky

Score: 11.84
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

FIN13

Score: 8.01
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Moonstone Sleet

Score: 8.94
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

Lazarus Group

Score: 16.45
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver
MITREへのリンク →

Contagious Interview

Score: 17.13
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1021.006 - Windows Remote Management
  • T1059.006 - Python
  • T1601.001 - Patch System Image
  • T1547.008 - LSASS Driver
MITREへのリンク →

OilRig

Score: 14.27
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

UNC3886

Score: 11.29
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1021.006 - Windows Remote Management
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
MITREへのリンク →

LuminousMoth

Score: 4.85
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Sandworm Team

Score: 18.93
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1140 - Deobfuscate/Decode Files or Information
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Salt Typhoon

Score: 3.57
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
MITREへのリンク →

APT29

Score: 8.36
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

Play

Score: 6.21
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Aoqin Dragon

Score: 3.59
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1218.010 - Regsvr32
MITREへのリンク →

Moses Staff

Score: 4.34
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Ke3chang

Score: 9.53
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1102.002 - Bidirectional Communication
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Mustang Panda

Score: 12.04
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
  • T1055.005 - Thread Local Storage
MITREへのリンク →

TeamTNT

Score: 6.41
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

FIN7

Score: 16.38
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1011.001 - Exfiltration Over Bluetooth
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

BRONZE BUTLER

Score: 5.60
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

APT39

Score: 3.81
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Agrius

Score: 3.04
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
MITREへのリンク →

APT38

Score: 8.65
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1059.012 - Hypervisor CLI
  • T1059.005 - Visual Basic
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Volt Typhoon

Score: 3.81
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Darkhotel

Score: 5.60
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Earth Lusca

Score: 6.78
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Storm-1811

Score: 4.87
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

ZIRCONIUM

Score: 4.44
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1588.001 - Malware
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

MuddyWater

Score: 10.79
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.013 - Container CLI/API
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Gamaredon Group

Score: 9.80
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1059.013 - Container CLI/API
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

TA505

Score: 6.18
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Threat Group-3390

Score: 13.18
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.003 - CMSTP
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

APT28

Score: 15.74
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1146 - Clear Command History
  • T1547.013 - XDG Autostart Entries
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Winter Vivern

Score: 7.68
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

menuPass

Score: 3.81
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

BlackByte

Score: 9.41
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1091 - Replication Through Removable Media
  • T1140 - Deobfuscate/Decode Files or Information
  • T1102.002 - Bidirectional Communication
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Leviathan

Score: 7.07
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Cinnamon Tempest

Score: 3.81
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Rocke

Score: 7.44
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1140 - Deobfuscate/Decode Files or Information
  • T1059.013 - Container CLI/API
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Tropic Trooper

Score: 3.84
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Malteiro

Score: 5.19
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

APT19

Score: 5.20
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Higaisa

Score: 5.16
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
MITREへのリンク →

Mustard Tempest

Score: 4.52
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

LazyScripter

Score: 4.61
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

BITTER

Score: 6.34
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

APT32

Score: 9.97
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

HEXANE

Score: 4.61
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Saint Bear

Score: 3.47
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
MITREへのリンク →

EXOTIC LILY

Score: 5.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1547.008 - LSASS Driver
MITREへのリンク →

Ember Bear

Score: 6.81
Matched TTPs:
  • T1005 - Data from Local System
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
MITREへのリンク →

BackdoorDiplomacy

Score: 4.34
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.33
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1601.001 - Patch System Image
MITREへのリンク →

Magic Hound

Score: 14.34
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1187 - Forced Authentication
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

Medusa Group

Score: 12.78
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.003 - CMSTP
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
  • T1094 - Custom Command and Control Protocol
MITREへのリンク →

Sea Turtle

Score: 6.59
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.013 - Container CLI/API
MITREへのリンク →

Storm-0501

Score: 7.19
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Fox Kitten

Score: 6.21
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

ToddyCat

Score: 3.99
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.008 - LSASS Driver
MITREへのリンク →

Dragonfly

Score: 5.51
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Axiom

Score: 9.27
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1160 - Launch Daemon
MITREへのリンク →

APT41

Score: 5.84
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Aquatic Panda

Score: 4.74
Matched TTPs:
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Wizard Spider

Score: 4.74
Matched TTPs:
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

FIN6

Score: 6.48
Matched TTPs:
  • T1588.001 - Malware
  • T1601.001 - Patch System Image
  • T1547.008 - LSASS Driver
MITREへのリンク →

PROMETHIUM

Score: 3.86
Matched TTPs:
  • T1588.001 - Malware
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Andariel

Score: 7.88
Matched TTPs:
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Sidewinder

Score: 4.13
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Patchwork

Score: 5.90
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Cobalt Group

Score: 4.13
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

APT37

Score: 4.04
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Transparent Tribe

Score: 3.26
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Elderwood

Score: 4.04
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Leafminer

Score: 3.63
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Windshift

Score: 5.07
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

CURIUM

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Scattered Spider

Score: 5.31
Matched TTPs:
  • T1027.002 - Software Packing
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1547.013 - XDG Autostart Entries
  • T1547.008 - LSASS Driver
MITREへのリンク →

Velvet Ant

Score: 4.13
Matched TTPs:
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.83
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1140 - Deobfuscate/Decode Files or Information
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1005 - Data from Local System
  • T1606.002 - SAML Tokens
  • T1187 - Forced Authentication
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

FIN7

Score: 0.75
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1140 - Deobfuscate/Decode Files or Information
  • T1091 - Replication Through Removable Media
  • T1606.002 - SAML Tokens
  • T1011.001 - Exfiltration Over Bluetooth
  • T1588.001 - Malware
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Contagious Interview

Score: 0.73
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1059.006 - Python
  • T1091 - Replication Through Removable Media
  • T1021.006 - Windows Remote Management
  • T1547.008 - LSASS Driver
  • T1606.002 - SAML Tokens
MITREへのリンク →

APT28

Score: 0.72
Matched TTPs:
  • T1566.003 - Spearphishing via Service
  • T1140 - Deobfuscate/Decode Files or Information
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1146 - Clear Command History
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Lazarus Group

Score: 0.70
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1218.010 - Regsvr32
  • T1547.008 - LSASS Driver
  • T1606.002 - SAML Tokens
  • T1059.012 - Hypervisor CLI
  • T1055.005 - Thread Local Storage
  • T1547.013 - XDG Autostart Entries
  • T1588.001 - Malware
MITREへのリンク →

Magic Hound

Score: 0.64
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1140 - Deobfuscate/Decode Files or Information
  • T1547.008 - LSASS Driver
  • T1059.012 - Hypervisor CLI
  • T1187 - Forced Authentication
  • T1547.013 - XDG Autostart Entries
  • T1588.001 - Malware
MITREへのリンク →

OilRig

Score: 0.63
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1005 - Data from Local System
  • T1606.002 - SAML Tokens
  • T1547.008 - LSASS Driver
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Turla

Score: 0.63
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1606.002 - SAML Tokens
  • T1059.012 - Hypervisor CLI
  • T1056.001 - Keylogging
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Threat Group-3390

Score: 0.63
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1218.003 - CMSTP
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Medusa Group

Score: 0.59
Matched TTPs:
  • T1601.001 - Patch System Image
  • T1140 - Deobfuscate/Decode Files or Information
  • T1094 - Custom Command and Control Protocol
  • T1218.003 - CMSTP
  • T1547.013 - XDG Autostart Entries
MITREへのリンク →

Mustang Panda

Score: 0.57
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1606.002 - SAML Tokens
  • T1055.005 - Thread Local Storage
  • T1547.013 - XDG Autostart Entries
  • T1059.010 - AutoHotKey & AutoIT
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る