Trusted Design

9002 Trojan via Google Drive Tiny URL

概要

Unit 42 recently observed a 9002 Trojan delivered using a combination of shortened links and a shared file hosted on Google Drive. The delivery method also uses an actor-controlled server hosting a custom redirection script to track successful clicks by targeted email addresses. The infrastructure associated with this 9002 Trojan sample was also found to have previous ties to attacks on Myanmar and other Asian countries that used Poison Ivy as the payload, including a recent, and possibly ongoing campaign against Taiwan

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Volt Typhoon

Score: 17.61
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1114 - Email Collection
  • T1057 - Process Discovery
  • T1102.003 - One-Way Communication
  • T1574.002 - DLL Side-Loading
MITREへのリンク →

APT28

Score: 24.44
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1542.004 - ROMMONkit
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1146 - Clear Command History
  • T1027.018 - Invisible Unicode
MITREへのリンク →

ZIRCONIUM

Score: 10.90
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Leviathan

Score: 16.46
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1546.017 - Udev Rules
MITREへのリンク →

Mustard Tempest

Score: 14.12
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Silent Librarian

Score: 9.59
Matched TTPs:
  • T1114 - Email Collection
  • T1566.002 - Spearphishing Link
  • T1584.005 - Botnet
MITREへのリンク →

Kimsuky

Score: 33.84
Matched TTPs:
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1683.001 - Written Content
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1102.003 - One-Way Communication
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1027.014 - Polymorphic Code
  • T1027.018 - Invisible Unicode
  • T1008 - Fallback Channels
MITREへのリンク →

EXOTIC LILY

Score: 12.96
Matched TTPs:
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

Sandworm Team

Score: 27.49
Matched TTPs:
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1016.002 - Wi-Fi Discovery
  • T1193 - Spearphishing Attachment
  • T1102.003 - One-Way Communication
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

TA578

Score: 6.66
Matched TTPs:
  • T1114 - Email Collection
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
MITREへのリンク →

BlackTech

Score: 5.17
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

MuddyWater

Score: 7.19
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

LuminousMoth

Score: 11.66
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1584.005 - Botnet
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Confucius

Score: 7.19
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Mofang

Score: 6.83
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
  • T1546.017 - Udev Rules
MITREへのリンク →

Sidewinder

Score: 11.25
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Elderwood

Score: 6.94
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Machete

Score: 5.45
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

FIN7

Score: 20.23
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1584.005 - Botnet
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1027.018 - Invisible Unicode
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Transparent Tribe

Score: 9.97
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Mustang Panda

Score: 19.04
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1027.018 - Invisible Unicode
MITREへのリンク →

FIN8

Score: 3.68
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT32

Score: 25.41
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1592.004 - Client Configurations
  • T1608.005 - Link Target
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

APT3

Score: 4.30
Matched TTPs:
  • T1543.003 - Windows Service
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Lazarus Group

Score: 17.53
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver
MITREへのリンク →

APT33

Score: 5.17
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Molerats

Score: 6.83
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
  • T1546.017 - Udev Rules
MITREへのリンク →

Magic Hound

Score: 23.57
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1016.002 - Wi-Fi Discovery
  • T1608.005 - Link Target
  • T1187 - Forced Authentication
  • T1059.012 - Hypervisor CLI
  • T1098.002 - Additional Email Delegate Permissions
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

OilRig

Score: 9.67
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

Windshift

Score: 7.97
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

Cobalt Group

Score: 7.92
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT29

Score: 18.09
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1592.004 - Client Configurations
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1218.009 - Regsvcs/Regasm
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

FIN4

Score: 3.68
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
MITREへのリンク →

TA2541

Score: 10.82
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
  • T1546.017 - Udev Rules
MITREへのリンク →

Earth Lusca

Score: 12.18
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

RedCurl

Score: 10.34
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1016.002 - Wi-Fi Discovery
  • T1542.004 - ROMMONkit
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Storm-1811

Score: 3.97
Matched TTPs:
  • T1543.003 - Windows Service
  • T1547.008 - LSASS Driver
MITREへのリンク →

Turla

Score: 10.21
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Wizard Spider

Score: 6.08
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Patchwork

Score: 12.68
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1008 - Fallback Channels
MITREへのリンク →

TA505

Score: 9.28
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1016.002 - Wi-Fi Discovery
  • T1027.018 - Invisible Unicode
MITREへのリンク →

LazyScripter

Score: 7.67
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT42

Score: 3.42
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
MITREへのリンク →

APT39

Score: 6.08
Matched TTPs:
  • T1543.003 - Windows Service
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Scattered Spider

Score: 14.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1144 - Gatekeeper Bypass
  • T1619 - Cloud Storage Object Discovery
  • T1027.002 - Software Packing
MITREへのリンク →

Star Blizzard

Score: 12.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1657 - Financial Theft
  • T1102.003 - One-Way Communication
MITREへのリンク →

Moonstone Sleet

Score: 13.51
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1057 - Process Discovery
  • T1027.007 - Dynamic API Resolution
  • T1547.008 - LSASS Driver
MITREへのリンク →

CURIUM

Score: 14.28
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Dragonfly

Score: 17.09
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1193 - Spearphishing Attachment
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Saint Bear

Score: 7.71
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

FIN6

Score: 5.80
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.007 - Dynamic API Resolution
  • T1547.008 - LSASS Driver
MITREへのリンク →

BRONZE BUTLER

Score: 14.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1592.004 - Client Configurations
  • T1542.004 - ROMMONkit
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1008 - Fallback Channels
MITREへのリンク →

WIRTE

Score: 3.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
MITREへのリンク →

menuPass

Score: 3.91
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1542.004 - ROMMONkit
MITREへのリンク →

Threat Group-3390

Score: 12.29
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1546.017 - Udev Rules
MITREへのリンク →

Gamaredon Group

Score: 12.41
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1542.004 - ROMMONkit
  • T1027.018 - Invisible Unicode
  • T1546.017 - Udev Rules
MITREへのリンク →

Darkhotel

Score: 4.13
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

BITTER

Score: 4.34
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
MITREへのリンク →

Inception

Score: 5.11
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
MITREへのリンク →

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1547.008 - LSASS Driver
MITREへのリンク →

TA551

Score: 3.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
MITREへのリンク →

RTM

Score: 5.92
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1008 - Fallback Channels
MITREへのリンク →

APT41

Score: 12.18
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1574.002 - DLL Side-Loading
  • T1027.007 - Dynamic API Resolution
  • T1008 - Fallback Channels
MITREへのリンク →

Winter Vivern

Score: 7.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Higaisa

Score: 5.52
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1546.017 - Udev Rules
MITREへのリンク →

APT19

Score: 5.39
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

SideCopy

Score: 6.47
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1657 - Financial Theft
MITREへのリンク →

Andariel

Score: 7.98
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

APT37

Score: 4.13
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Silence

Score: 3.27
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

APT38

Score: 6.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

BlackByte

Score: 4.37
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Contagious Interview

Score: 19.82
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1021.006 - Windows Remote Management
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1221 - Template Injection
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking
MITREへのリンク →

UNC3886

Score: 5.63
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1218.010 - Regsvr32
MITREへのリンク →

LAPSUS$

Score: 7.98
Matched TTPs:
  • T1193 - Spearphishing Attachment
  • T1619 - Cloud Storage Object Discovery
MITREへのリンク →

Aquatic Panda

Score: 3.84
Matched TTPs:
  • T1144 - Gatekeeper Bypass
MITREへのリンク →

FIN13

Score: 3.84
Matched TTPs:
  • T1144 - Gatekeeper Bypass
MITREへのリンク →

HAFNIUM

Score: 6.55
Matched TTPs:
  • T1059 - Command and Scripting Interpreter
  • T1608.005 - Link Target
MITREへのリンク →

Medusa Group

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

INC Ransom

Score: 5.68
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Sea Turtle

Score: 4.78
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
MITREへのリンク →

Axiom

Score: 11.08
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1160 - Launch Daemon
MITREへのリンク →

AppleJeus

Score: 3.29
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

Sowbug

Score: 3.03
Matched TTPs:
  • T1542.004 - ROMMONkit
MITREへのリンク →

Chimera

Score: 5.43
Matched TTPs:
  • T1542.004 - ROMMONkit
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Fox Kitten

Score: 3.03
Matched TTPs:
  • T1542.004 - ROMMONkit
MITREへのリンク →

Blue Mockingbird

Score: 5.14
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1027.007 - Dynamic API Resolution
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Daggerfly

Score: 3.13
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Rocke

Score: 3.29
Matched TTPs:
  • T1008 - Fallback Channels
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.80
Matched TTPs:
  • T1008 - Fallback Channels
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1027.014 - Polymorphic Code
  • T1102.003 - One-Way Communication
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1114 - Email Collection
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1027.018 - Invisible Unicode
  • T1683.001 - Written Content
MITREへのリンク →

Sandworm Team

Score: 0.70
Matched TTPs:
  • T1016.002 - Wi-Fi Discovery
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1193 - Spearphishing Attachment
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1114 - Email Collection
  • T1027.018 - Invisible Unicode
  • T1102.003 - One-Way Communication
MITREへのリンク →

APT32

Score: 0.66
Matched TTPs:
  • T1608.005 - Link Target
  • T1027.014 - Polymorphic Code
  • T1115 - Clipboard Data
  • T1218.010 - Regsvr32
  • T1027.007 - Dynamic API Resolution
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1592.004 - Client Configurations
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT28

Score: 0.63
Matched TTPs:
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1685.001 - Disable or Modify Windows Event Log
  • T1218.010 - Regsvr32
  • T1542.004 - ROMMONkit
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1146 - Clear Command History
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Magic Hound

Score: 0.59
Matched TTPs:
  • T1016.002 - Wi-Fi Discovery
  • T1608.005 - Link Target
  • T1187 - Forced Authentication
  • T1543.003 - Windows Service
  • T1547.008 - LSASS Driver
  • T1566.002 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1098.002 - Additional Email Delegate Permissions
  • T1027.018 - Invisible Unicode
MITREへのリンク →

FIN7

Score: 0.56
Matched TTPs:
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1115 - Clipboard Data
  • T1584.005 - Botnet
  • T1027.007 - Dynamic API Resolution
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1598.003 - Spearphishing Link
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る