Trusted Design

ZeuS banking Trojan distributed via MSG attachments

概要

Spam campaign using .MSG file attachments to deliver the Zbot Trojan has been discovered. The .MSG file format is used to store Exchange and Outlook message files and is not a popular option among actors. Once successful infection occurs, the Zbot Trojan connects to two domains and downloads a configuration file. The Trojan intercepts network traffic to steal banking credentials and network information.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Attack on Zygote: a new twist in the evolution of mobile threats (score: 0.64)
ZeusVM: Bits and Pieces (score: 0.63)
Zusy malware on Metadefender.com (score: 0.62)
Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide (score: 0.61)
New banking trojan 'Slave' hitting Polish Banks (score: 0.61)

このPulseに関連する脅威アクター (事実ベース)

Lazarus Group

Score: 11.40

Matched TTPs:

T1132.001 - Standard Encoding
T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1569.002 - Service Execution

MITREへのリンク →

TA577

Score: 5.29

Matched TTPs:

T1132.001 - Standard Encoding
T1543.003 - Windows Service

MITREへのリンク →

Moonstone Sleet

Score: 7.03

Matched TTPs:

T1132.001 - Standard Encoding
T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Kimsuky

Score: 20.53

Matched TTPs:

T1053.007 - Container Orchestration Job
T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1204.003 - Malicious Image
T1526 - Cloud Service Discovery
T1053.002 - At
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustang Panda

Score: 15.76

Matched TTPs:

T1053.007 - Container Orchestration Job
T1013 - Port Monitors
T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1526 - Cloud Service Discovery

MITREへのリンク →

APT41

Score: 4.16

Matched TTPs:

T1560.003 - Archive via Custom Method
T1598.003 - Spearphishing Link

MITREへのリンク →

Scattered Spider

Score: 4.80

Matched TTPs:

T1560.003 - Archive via Custom Method
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

TA505

Score: 7.91

Matched TTPs:

T1560.003 - Archive via Custom Method
T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Volt Typhoon

Score: 10.06

Matched TTPs:

T1560.003 - Archive via Custom Method
T1013 - Port Monitors
T1569.002 - Service Execution

MITREへのリンク →

APT3

Score: 4.73

Matched TTPs:

T1560.003 - Archive via Custom Method
T1543.003 - Windows Service

MITREへのリンク →

FIN13

Score: 6.21

Matched TTPs:

T1560.003 - Archive via Custom Method
T1569.002 - Service Execution

MITREへのリンク →

BlackByte

Score: 3.84

Matched TTPs:

T1013 - Port Monitors

MITREへのリンク →

Machete

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Elderwood

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Transparent Tribe

Score: 7.91

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

Dragonfly

Score: 9.47

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1657 - Financial Theft
T1204.003 - Malicious Image

MITREへのリンク →

CURIUM

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Tropic Trooper

Score: 4.33

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1490 - Inhibit System Recovery

MITREへのリンク →

RedCurl

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

menuPass

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

FIN8

Score: 6.26

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1526 - Cloud Service Discovery

MITREへのリンク →

Threat Group-3390

Score: 9.48

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1526 - Cloud Service Discovery
T1546.017 - Udev Rules

MITREへのリンク →

BITTER

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Ferocious Kitten

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

LazyScripter

Score: 4.63

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

PROMETHIUM

Score: 3.45

Matched TTPs:

T1087.002 - Domain Account
T1490 - Inhibit System Recovery

MITREへのリンク →

APT39

Score: 6.04

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1569.002 - Service Execution

MITREへのリンク →

Star Blizzard

Score: 9.47

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1657 - Financial Theft
T1204.003 - Malicious Image

MITREへのリンク →

Higaisa

Score: 7.74

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1569.002 - Service Execution
T1546.017 - Udev Rules

MITREへのリンク →

Wizard Spider

Score: 9.88

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery

MITREへのリンク →

OilRig

Score: 15.94

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1592.002 - Software
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery

MITREへのリンク →

Sandworm Team

Score: 4.63

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Magic Hound

Score: 9.70

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1098.007 - Additional Local or Domain Groups
T1204.003 - Malicious Image
T1053.002 - At

MITREへのリンク →

FIN4

Score: 5.78

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1204.003 - Malicious Image

MITREへのリンク →

Cobalt Group

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Storm-1811

Score: 3.75

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

EXOTIC LILY

Score: 4.63

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Patchwork

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

FIN7

Score: 7.29

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1490 - Inhibit System Recovery

MITREへのリンク →

APT28

Score: 10.38

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1204.003 - Malicious Image
T1546.007 - Netsh Helper DLL

MITREへのリンク →

TA2541

Score: 7.78

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1546.017 - Udev Rules

MITREへのリンク →

Earth Lusca

Score: 3.75

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

SideCopy

Score: 8.57

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1657 - Financial Theft
T1053.002 - At

MITREへのリンク →

Mofang

Score: 6.26

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1546.017 - Udev Rules

MITREへのリンク →

Leviathan

Score: 7.78

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1546.017 - Udev Rules

MITREへのリンク →

BRONZE BUTLER

Score: 5.51

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1592.004 - Client Configurations

MITREへのリンク →

APT38

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

MuddyWater

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Molerats

Score: 6.26

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1546.017 - Udev Rules

MITREへのリンク →

Gamaredon Group

Score: 6.33

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1546.017 - Udev Rules

MITREへのリンク →

APT32

Score: 11.14

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1592.004 - Client Configurations
T1490 - Inhibit System Recovery

MITREへのリンク →

IndigoZebra

Score: 3.18

Matched TTPs:

T1087.002 - Domain Account
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

APT33

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Sidewinder

Score: 6.73

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1657 - Financial Theft

MITREへのリンク →

APT29

Score: 12.29

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1592.004 - Client Configurations
T1204.003 - Malicious Image
T1490 - Inhibit System Recovery

MITREへのリンク →

Confucius

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

BlackTech

Score: 6.26

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1526 - Cloud Service Discovery

MITREへのリンク →

Windshift

Score: 3.11

Matched TTPs:

T1087.002 - Domain Account
T1543.003 - Windows Service
T1598.003 - Spearphishing Link

MITREへのリンク →

Mustard Tempest

Score: 4.73

Matched TTPs:

T1543.003 - Windows Service
T1053.002 - At

MITREへのリンク →

APT1

Score: 9.79

Matched TTPs:

T1543.003 - Windows Service
T1598.003 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1204.003 - Malicious Image
T1053.002 - At

MITREへのリンク →

Turla

Score: 10.66

Matched TTPs:

T1543.003 - Windows Service
T1556.009 - Conditional Access Policies
T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

Sea Turtle

Score: 4.18

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 5.33

Matched TTPs:

T1204.003 - Malicious Image
T1490 - Inhibit System Recovery

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

Velvet Ant

Score: 5.59

Matched TTPs:

T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

Medusa Group

Score: 4.54

Matched TTPs:

T1094 - Custom Command and Control Protocol

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.79

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1526 - Cloud Service Discovery
T1204.003 - Malicious Image
T1490 - Inhibit System Recovery
T1053.002 - At
T1543.003 - Windows Service
T1053.007 - Container Orchestration Job
T1087.002 - Domain Account
T1598.003 - Spearphishing Link

MITREへのリンク →

Mustang Panda

Score: 0.63

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1526 - Cloud Service Discovery
T1013 - Port Monitors
T1543.003 - Windows Service
T1053.007 - Container Orchestration Job
T1087.002 - Domain Account
T1598.003 - Spearphishing Link

MITREへのリンク →

OilRig

Score: 0.61

Matched TTPs:

T1556.009 - Conditional Access Policies
T1098.007 - Additional Local or Domain Groups
T1526 - Cloud Service Discovery
T1592.002 - Software
T1543.003 - Windows Service
T1087.002 - Domain Account
T1598.003 - Spearphishing Link

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る