Pulse Detail-

MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS

概要

On August 4, 2016, the Gmail account of an unknown individual was compromised in order to conduct spearphishing campaigns against a diverse set of targets related to Iran. The spearphishing attempt posed as a message from the Director of United for Iran, a U.S.-based human rights organization, claiming that the organization had developed a secure communications tool for activists. The message was sent from an account created under her name on lesser known email provider (1&1’s Mail.com), a common tactic in recent months, with a link to a file hosted on Dropbox and an additional credential phishing attempt. Once the observed Gmail account was under their control, the actors then forwarded malware to over a hundred of their contacts, ranging from an address for the United Nations Refugee Agency in Turkey to a site contact for Reza Pahlavi, the son of the deposed Shah Mohammad Reza Pahlavi.

Created: 2026-02-23

Indicators

類似Pulses

London Calling: Two-Factor Authentication Phishing From Iran (score: 0.70)
Attacks Against the Mongolian Government (score: 0.69)
NetTraveler Spear-Phishing Email Targets Diplomat of Uzbekistan (score: 0.69)
A Look at Targeted Attacks Through the Lense of an NGO (score: 0.69)
The Postal Group (score: 0.68)

このPulseに関連する脅威アクター (事実ベース)

LAPSUS$

Score: 32.09

Matched TTPs:

T1597.002 - Purchase Technical Data
T1586.002 - Email Accounts
T1589.002 - Email Addresses
T1598.004 - Spearphishing Voice
T1591.002 - Business Relationships
T1204 - User Execution
T1199 - Trusted Relationship
T1588.002 - Tool
T1656 - Impersonation
T1591.004 - Identify Roles

MITREへのリンク →

Contagious Interview

Score: 32.36

Matched TTPs:

T1588.007 - Artificial Intelligence
T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1593.001 - Social Media
T1656 - Impersonation
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ember Bear

Score: 9.25

Matched TTPs:

T1491.002 - External Defacement
T1114 - Email Collection
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sandworm Team

Score: 54.15

Matched TTPs:

T1491.002 - External Defacement
T1594 - Search Victim-Owned Websites
T1586.001 - Social Media Accounts
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1591.002 - Business Relationships
T1589.003 - Employee Names
T1199 - Trusted Relationship
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1592.002 - Software
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1590.001 - Domain Properties
T1204.001 - Malicious Link

MITREへのリンク →

Silent Librarian

Score: 22.71

Matched TTPs:

T1114 - Email Collection
T1594 - Search Victim-Owned Websites
T1598.003 - Spearphishing Link
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1589.003 - Employee Names
T1608.005 - Link Target
T1588.002 - Tool

MITREへのリンク →

Magic Hound

Score: 36.99

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1588.002 - Tool
T1592.002 - Software
T1102.002 - Bidirectional Communication
T1036.010 - Masquerade Account Name
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service
T1584.001 - Domains

MITREへのリンク →

Scattered Spider

Score: 44.68

Matched TTPs:

T1114 - Email Collection
T1598.003 - Spearphishing Link
T1070.008 - Clear Mailbox Data
T1598.004 - Spearphishing Voice
T1087 - Account Discovery
T1657 - Financial Theft
T1204 - User Execution
T1588.002 - Tool
T1656 - Impersonation
T1598 - Phishing for Information
T1556.009 - Conditional Access Policies
T1136 - Create Account
T1538 - Cloud Service Dashboard

MITREへのリンク →

Kimsuky

Score: 67.37

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1593.002 - Search Engines
T1589.003 - Employee Names
T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1534 - Internal Spearphishing
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1566 - Phishing
T1055.012 - Process Hollowing
T1593.001 - Social Media
T1102.002 - Bidirectional Communication
T1656 - Impersonation
T1598 - Phishing for Information
T1204.001 - Malicious Link
T1584.001 - Domains

MITREへのリンク →

Volt Typhoon

Score: 23.82

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1589.002 - Email Addresses
T1591 - Gather Victim Org Information
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1614 - System Location Discovery
T1591.004 - Identify Roles
T1584.004 - Server

MITREへのリンク →

EXOTIC LILY

Score: 21.61

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1593.001 - Social Media
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA578

Score: 6.66

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Leviathan

Score: 23.87

Matched TTPs:

T1586.001 - Social Media Accounts
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1534 - Internal Spearphishing
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

BlackTech

Score: 6.02

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

MuddyWater

Score: 10.43

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

LuminousMoth

Score: 9.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.001 - Upload Malware
T1608.005 - Link Target
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Confucius

Score: 7.19

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Mofang

Score: 6.83

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Sidewinder

Score: 11.25

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 5.17

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Machete

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

FIN7

Score: 29.60

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1036.004 - Masquerade Task or Service
T1608.005 - Link Target
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1591.004 - Identify Roles
T1204.001 - Malicious Link
T1569.002 - Service Execution
T1008 - Fallback Channels

MITREへのリンク →

Mustard Tempest

Score: 8.07

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.001 - Upload Malware
T1204.001 - Malicious Link
T1584.001 - Domains

MITREへのリンク →

Transparent Tribe

Score: 8.46

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1584.001 - Domains

MITREへのリンク →

Mustang Panda

Score: 24.84

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution
T1204.001 - Malicious Link

MITREへのリンク →

FIN8

Score: 7.28

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

APT32

Score: 19.48

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1589.002 - Email Addresses
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1569.002 - Service Execution

MITREへのリンク →

APT3

Score: 7.92

Matched TTPs:

T1566.002 - Spearphishing Link
T1203 - Exploitation for Client Execution
T1036.010 - Masquerade Account Name
T1204.001 - Malicious Link

MITREへのリンク →

APT1

Score: 8.74

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1588.002 - Tool
T1584.001 - Domains

MITREへのリンク →

Lazarus Group

Score: 32.19

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT33

Score: 6.02

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

ZIRCONIUM

Score: 15.21

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1598 - Phishing for Information
T1204.001 - Malicious Link

MITREへのリンク →

Molerats

Score: 6.83

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

OilRig

Score: 26.84

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1588.002 - Tool
T1201 - Password Policy Discovery
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1555.004 - Windows Credential Manager
T1204.001 - Malicious Link
T1008 - Fallback Channels
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windshift

Score: 6.20

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Cobalt Group

Score: 8.77

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

APT29

Score: 25.05

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.003 - Cloud Accounts
T1586.002 - Email Accounts
T1583.006 - Web Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1090.004 - Domain Fronting
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN4

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

TA2541

Score: 17.57

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1583.006 - Web Services
T1588.002 - Tool
T1055.012 - Process Hollowing
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 14.10

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.001 - Upload Malware
T1583.006 - Web Services
T1588.002 - Tool
T1584.006 - Web Services
T1584.004 - Server
T1204.001 - Malicious Link

MITREへのリンク →

RedCurl

Score: 13.02

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1199 - Trusted Relationship
T1573.002 - Asymmetric Cryptography
T1537 - Transfer Data to Cloud Account
T1204.001 - Malicious Link

MITREへのリンク →

Storm-1811

Score: 20.55

Matched TTPs:

T1566.002 - Spearphishing Link
T1588.002 - Tool
T1566.004 - Spearphishing Voice
T1667 - Email Bombing
T1656 - Impersonation
T1036.010 - Masquerade Account Name
T1566.003 - Spearphishing via Service

MITREへのリンク →

Turla

Score: 21.99

Matched TTPs:

T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1588.002 - Tool
T1584.006 - Web Services
T1201 - Password Policy Discovery
T1102.002 - Bidirectional Communication
T1555.004 - Windows Credential Manager
T1584.004 - Server
T1204.001 - Malicious Link

MITREへのリンク →

Wizard Spider

Score: 14.93

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1555.004 - Windows Credential Manager
T1204.001 - Malicious Link
T1569.002 - Service Execution

MITREへのリンク →

TA577

Score: 5.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1204.001 - Malicious Link

MITREへのリンク →

Patchwork

Score: 11.63

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1055.012 - Process Hollowing
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

TA505

Score: 6.50

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

LazyScripter

Score: 7.67

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

APT42

Score: 16.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.001 - Upload Malware
T1070.008 - Clear Mailbox Data
T1585.002 - Email Accounts
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1656 - Impersonation

MITREへのリンク →

APT39

Score: 9.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link
T1569.002 - Service Execution

MITREへのリンク →

APT28

Score: 32.25

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1199 - Trusted Relationship
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1498 - Network Denial of Service
T1204.001 - Malicious Link
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Star Blizzard

Score: 18.01

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1598.002 - Spearphishing Attachment
T1593 - Search Open Websites/Domains
T1588.002 - Tool

MITREへのリンク →

Moonstone Sleet

Score: 21.76

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1591 - Gather Victim Org Information
T1598 - Phishing for Information
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 11.76

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1584.006 - Web Services
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 19.60

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1591.002 - Business Relationships
T1598.002 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1036.010 - Masquerade Account Name
T1584.004 - Server

MITREへのリンク →

Saint Bear

Score: 13.27

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1589.002 - Email Addresses
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1656 - Impersonation
T1204.001 - Malicious Link

MITREへのリンク →

Tropic Trooper

Score: 5.11

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

FIN6

Score: 11.49

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

BRONZE BUTLER

Score: 3.22

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

menuPass

Score: 7.62

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1199 - Trusted Relationship
T1588.002 - Tool
T1055.012 - Process Hollowing

MITREへのリンク →

Threat Group-3390

Score: 18.37

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1608.002 - Upload Tool
T1199 - Trusted Relationship
T1588.002 - Tool
T1055.012 - Process Hollowing
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

Gamaredon Group

Score: 16.24

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1583.006 - Web Services
T1534 - Internal Spearphishing
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

BITTER

Score: 7.29

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Inception

Score: 3.22

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ajax Security Team

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA551

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1589.002 - Email Addresses

MITREへのリンク →

APT41

Score: 14.18

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1656 - Impersonation
T1569.002 - Service Execution
T1008 - Fallback Channels

MITREへのリンク →

Winter Vivern

Score: 7.95

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1036.004 - Masquerade Task or Service
T1584.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Higaisa

Score: 7.62

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1036.004 - Masquerade Task or Service
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

Gorgon Group

Score: 4.88

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1055.012 - Process Hollowing

MITREへのリンク →

APT12

Score: 4.77

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

Malteiro

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1657 - Financial Theft

MITREへのリンク →

SideCopy

Score: 13.89

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1608.001 - Upload Malware
T1598.002 - Spearphishing Attachment
T1614 - System Location Discovery
T1584.001 - Domains

MITREへのリンク →

Andariel

Score: 6.21

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1592.002 - Software
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT37

Score: 4.77

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

Silence

Score: 4.12

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1569.002 - Service Execution

MITREへのリンク →

IndigoZebra

Score: 6.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1588.002 - Tool

MITREへのリンク →

APT38

Score: 5.48

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1204.001 - Malicious Link
T1569.002 - Service Execution

MITREへのリンク →

APT-C-36

Score: 3.82

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1036.004 - Masquerade Task or Service
T1588.002 - Tool

MITREへのリンク →

HEXANE

Score: 19.94

Matched TTPs:

T1586.002 - Email Accounts
T1608.001 - Upload Malware
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1534 - Internal Spearphishing
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1591.004 - Identify Roles

MITREへのリンク →

BlackByte

Score: 7.52

Matched TTPs:

T1608.001 - Upload Malware
T1055.012 - Process Hollowing
T1569.002 - Service Execution

MITREへのリンク →

Medusa Group

Score: 16.95

Matched TTPs:

T1608.002 - Upload Tool
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution

MITREへのリンク →

UNC3886

Score: 11.16

Matched TTPs:

T1681 - Search Threat Vendor Data
T1036.004 - Masquerade Task or Service
T1203 - Exploitation for Client Execution
T1008 - Fallback Channels

MITREへのリンク →

Indrik Spider

Score: 8.96

Matched TTPs:

T1585.002 - Email Accounts
T1136 - Create Account
T1584.004 - Server

MITREへのリンク →

HAFNIUM

Score: 7.28

Matched TTPs:

T1589.002 - Email Addresses
T1583.006 - Web Services
T1199 - Trusted Relationship

MITREへのリンク →

Aquatic Panda

Score: 6.79

Matched TTPs:

T1087 - Account Discovery
T1036.004 - Masquerade Task or Service
T1588.002 - Tool

MITREへのリンク →

FIN13

Score: 9.31

Matched TTPs:

T1087 - Account Discovery
T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

Carbanak

Score: 5.34

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1102.002 - Bidirectional Communication

MITREへのリンク →

Storm-0501

Score: 12.60

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1556.009 - Conditional Access Policies
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

INC Ransom

Score: 12.90

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool
T1566 - Phishing
T1537 - Transfer Data to Cloud Account
T1569.002 - Service Execution

MITREへのリンク →

Cinnamon Tempest

Score: 3.37

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

Play

Score: 3.37

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

POLONIUM

Score: 8.01

Matched TTPs:

T1583.006 - Web Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1102.002 - Bidirectional Communication

MITREへのリンク →

GOLD SOUTHFIELD

Score: 6.03

Matched TTPs:

T1199 - Trusted Relationship
T1566 - Phishing

MITREへのリンク →

Sea Turtle

Score: 8.37

Matched TTPs:

T1199 - Trusted Relationship
T1588.002 - Tool
T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ke3chang

Score: 3.25

Matched TTPs:

T1588.002 - Tool
T1569.002 - Service Execution

MITREへのリンク →

Chimera

Score: 7.09

Matched TTPs:

T1588.002 - Tool
T1201 - Password Policy Discovery
T1569.002 - Service Execution

MITREへのリンク →

Salt Typhoon

Score: 4.69

Matched TTPs:

T1588.002 - Tool
T1136 - Create Account

MITREへのリンク →

Blue Mockingbird

Score: 3.25

Matched TTPs:

T1588.002 - Tool
T1569.002 - Service Execution

MITREへのリンク →

Axiom

Score: 4.78

Matched TTPs:

T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

Velvet Ant

Score: 9.28

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Daggerfly

Score: 4.19

Matched TTPs:

T1584.004 - Server
T1204.001 - Malicious Link

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.84

Matched TTPs:

T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1657 - Financial Theft
T1566 - Phishing
T1608.001 - Upload Malware
T1593.002 - Search Engines
T1583.006 - Web Services
T1589.002 - Email Addresses
T1566.001 - Spearphishing Attachment
T1591 - Gather Victim Org Information
T1598 - Phishing for Information
T1585.002 - Email Accounts
T1593 - Search Open Websites/Domains
T1593.001 - Social Media
T1036.004 - Masquerade Task or Service
T1588.002 - Tool
T1204.001 - Malicious Link
T1656 - Impersonation
T1584.001 - Domains
T1598.003 - Spearphishing Link
T1594 - Search Victim-Owned Websites
T1534 - Internal Spearphishing
T1055.012 - Process Hollowing
T1102.002 - Bidirectional Communication
T1589.003 - Employee Names

MITREへのリンク →

Sandworm Team

Score: 0.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.001 - Upload Malware
T1589.002 - Email Addresses
T1566.001 - Spearphishing Attachment
T1199 - Trusted Relationship
T1592.002 - Software
T1585.002 - Email Accounts
T1591.002 - Business Relationships
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1204.001 - Malicious Link
T1491.002 - External Defacement
T1584.004 - Server
T1590.001 - Domain Properties
T1598.003 - Spearphishing Link
T1594 - Search Victim-Owned Websites
T1102.002 - Bidirectional Communication
T1586.001 - Social Media Accounts
T1203 - Exploitation for Client Execution
T1589.003 - Employee Names

MITREへのリンク →

Scattered Spider

Score: 0.59

Matched TTPs:

T1087 - Account Discovery
T1556.009 - Conditional Access Policies
T1598.004 - Spearphishing Voice
T1538 - Cloud Service Dashboard
T1588.002 - Tool
T1070.008 - Clear Mailbox Data
T1598 - Phishing for Information
T1657 - Financial Theft
T1114 - Email Collection
T1656 - Impersonation
T1598.003 - Spearphishing Link
T1204 - User Execution
T1136 - Create Account

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ