Trusted Design

Tofsee

概要

Tofsee is multi-purpose malware that has been in existence for several years, operating since at least 2013. It features a number of modules that are used to carry out various activities such as sending spam messages, conducting click fraud, mining cryptocurrency, and more. Once infected, systems become part of the Tofsee spam botnet and are used to send large volumes of spam messages in an effort to infect additional systems and increase the overall size of the botnet under the operator’s control.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

A deeper look at Tofsee modules (score: 0.89)
Tofsee – modular spambot (score: 0.77)
A deeper look at Tofsee modules - CERT Polska (score: 0.77)
Hijacked Existing E-mail Thread - Ursnif (aka Gozi aka Gozi ISFB) Malware Phishing (score: 0.57)
Dyre Malware Campaigners Innovate with Distribution Techniques (score: 0.57)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 12.74

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1102.002 - Bidirectional Communication
T1598 - Phishing for Information
T1680 - Local Storage Discovery

MITREへのリンク →

Moonstone Sleet

Score: 12.43

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1598 - Phishing for Information
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 24.62

Matched TTPs:

T1587.001 - Malware
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1055.001 - Dynamic-link Library Injection
T1566.003 - Spearphishing via Service
T1529 - System Shutdown/Reboot

MITREへのリンク →

Contagious Interview

Score: 6.59

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 12.62

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1137.004 - Outlook Home Page
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 8.64

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 9.97

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.001 - Malware
T1030 - Data Transfer Size Limits

MITREへのリンク →

Sandworm Team

Score: 11.58

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1584.005 - Botnet
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT29

Score: 10.65

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1562.008 - Disable or Modify Cloud Logs
T1566.003 - Spearphishing via Service

MITREへのリンク →

Play

Score: 5.53

Matched TTPs:

T1587.001 - Malware
T1030 - Data Transfer Size Limits

MITREへのリンク →

Aoqin Dragon

Score: 3.59

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

Turla

Score: 12.47

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1102.002 - Bidirectional Communication
T1124 - System Time Discovery
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Ke3chang

Score: 8.34

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1569.002 - Service Execution

MITREへのリンク →

Mustang Panda

Score: 9.69

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution

MITREへのリンク →

TeamTNT

Score: 10.52

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1496.001 - Compute Hijacking
T1680 - Local Storage Discovery

MITREへのリンク →

FIN7

Score: 11.46

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1102.002 - Bidirectional Communication
T1569.002 - Service Execution
T1124 - System Time Discovery

MITREへのリンク →

HAFNIUM

Score: 7.47

Matched TTPs:

T1583.005 - Botnet
T1584.005 - Botnet

MITREへのリンク →

APT5

Score: 3.84

Matched TTPs:

T1583.005 - Botnet

MITREへのリンク →

TA2541

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Earth Lusca

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

LazyScripter

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Gamaredon Group

Score: 8.91

Matched TTPs:

T1608.001 - Upload Malware
T1001 - Data Obfuscation
T1102.002 - Bidirectional Communication

MITREへのリンク →

Threat Group-3390

Score: 6.91

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1030 - Data Transfer Size Limits

MITREへのリンク →

TA505

Score: 7.36

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

BlackByte

Score: 4.37

Matched TTPs:

T1608.001 - Upload Malware
T1569.002 - Service Execution

MITREへのリンク →

BITTER

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 5.86

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1569.002 - Service Execution

MITREへのリンク →

HEXANE

Score: 4.37

Matched TTPs:

T1608.001 - Upload Malware
T1102.002 - Bidirectional Communication

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ember Bear

Score: 3.95

Matched TTPs:

T1588.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

Andariel

Score: 3.95

Matched TTPs:

T1588.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

BackdoorDiplomacy

Score: 5.39

Matched TTPs:

T1588.001 - Malware
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Scattered Spider

Score: 10.03

Matched TTPs:

T1588.001 - Malware
T1598 - Phishing for Information
T1556.009 - Conditional Access Policies

MITREへのリンク →

Axiom

Score: 9.65

Matched TTPs:

T1584.005 - Botnet
T1203 - Exploitation for Client Execution
T1001.002 - Steganography

MITREへのリンク →

Volt Typhoon

Score: 9.05

Matched TTPs:

T1584.005 - Botnet
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Rocke

Score: 3.62

Matched TTPs:

T1496.001 - Compute Hijacking

MITREへのリンク →

Blue Mockingbird

Score: 6.02

Matched TTPs:

T1496.001 - Compute Hijacking
T1569.002 - Service Execution

MITREへのリンク →

APT41

Score: 10.95

Matched TTPs:

T1496.001 - Compute Hijacking
T1203 - Exploitation for Client Execution
T1030 - Data Transfer Size Limits
T1569.002 - Service Execution

MITREへのリンク →

APT37

Score: 7.51

Matched TTPs:

T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1529 - System Shutdown/Reboot

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT39

Score: 4.80

Matched TTPs:

T1102.002 - Bidirectional Communication
T1569.002 - Service Execution

MITREへのリンク →

Magic Hound

Score: 4.92

Matched TTPs:

T1102.002 - Bidirectional Communication
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT28

Score: 10.77

Matched TTPs:

T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1030 - Data Transfer Size Limits
T1598 - Phishing for Information

MITREへのリンク →

MuddyWater

Score: 3.89

Matched TTPs:

T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

ZIRCONIUM

Score: 8.43

Matched TTPs:

T1102.002 - Bidirectional Communication
T1598 - Phishing for Information
T1124 - System Time Discovery

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Confucius

Score: 4.33

Matched TTPs:

T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery

MITREへのリンク →

Patchwork

Score: 4.33

Matched TTPs:

T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery

MITREへのリンク →

Higaisa

Score: 6.92

Matched TTPs:

T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Leviathan

Score: 4.42

Matched TTPs:

T1203 - Exploitation for Client Execution
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

BRONZE BUTLER

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Tropic Trooper

Score: 7.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Darkhotel

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Storm-0501

Score: 4.13

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Chimera

Score: 7.82

Matched TTPs:

T1569.002 - Service Execution
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Medusa Group

Score: 6.02

Matched TTPs:

T1569.002 - Service Execution
T1529 - System Shutdown/Reboot

MITREへのリンク →

FIN6

Score: 4.92

Matched TTPs:

T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT38

Score: 6.02

Matched TTPs:

T1569.002 - Service Execution
T1529 - System Shutdown/Reboot

MITREへのリンク →

Wizard Spider

Score: 5.33

Matched TTPs:

T1569.002 - Service Execution
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1680 - Local Storage Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.76

Matched TTPs:

T1055.001 - Dynamic-link Library Injection
T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1027.007 - Dynamic API Resolution
T1102.002 - Bidirectional Communication
T1566.003 - Spearphishing via Service
T1529 - System Shutdown/Reboot

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る