Trusted Design

Veil-Framework Infects Victims of Targeted OWA Phishing Attack

Overview

Proofpoint researchers recently observed a novel targeted phishing attack that combined Outlook Web Access (OWA) credential phishing with a malicious document download. In May we also observed an Office 365 credential phishing attack leading to iSpy Keylogger [1], but the combination of OWA with this infection chain takes a different approach. While it is not clear whether the primary goal of the attack was delivering the malicious payload or capturing the targets' OWA credentials, this attack uses an OWA phish to additionally push a malicious document with a Veil-Framework payload capable of downloading further malware.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Contagious Interview

Score: 26.10
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1071.003 - Mail Protocols
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1656 - Impersonation
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Scattered Spider

Score: 34.29
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1621 - Multi-Factor Authentication Request Generation
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1556.009 - Conditional Access Policies

FIN4

Score: 14.61
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1056.002 - GUI Input Capture
  • T1114.002 - Remote Email Collection
  • T1204.001 - Malicious Link

Volt Typhoon

Score: 6.14
Matched TTPs:
  • T1584.008 - Network Devices
  • T1589.002 - Email Addresses

APT28

Score: 41.31
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1071.003 - Mail Protocols
  • T1583.006 - Web Services
  • T1114.002 - Remote Email Collection
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1221 - Template Injection
  • T1137.002 - Office Test
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks

ZIRCONIUM

Score: 14.34
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link

Leviathan

Score: 29.45
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1218.010 - Regsvr32
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 16.68
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link

Sandworm Team

Score: 24.27
Matched TTPs:
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1195 - Supply Chain Compromise
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1589.003 - Employee Names
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

BlackTech

Score: 5.17
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

MuddyWater

Score: 7.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

LuminousMoth

Score: 12.14
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1588.001 - Malware
  • T1608.005 - Link Target
  • T1204.001 - Malicious Link

Confucius

Score: 10.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
  • T1204.001 - Malicious Link

Mofang

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Kimsuky

Score: 46.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1071.003 - Mail Protocols
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1589.003 - Employee Names
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1566 - Phishing
  • T1114.002 - Remote Email Collection
  • T1218.010 - Regsvr32
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts

Sidewinder

Score: 11.25
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Elderwood

Score: 6.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Machete

Score: 5.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

FIN7

Score: 15.24
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts

Transparent Tribe

Score: 9.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Mustang Panda

Score: 22.58
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1585.002 - Email Accounts
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link

FIN8

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

APT32

Score: 25.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1071.003 - Mail Protocols
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts

APT3

Score: 4.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT1

Score: 9.73
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1588.001 - Malware
  • T1114.002 - Remote Email Collection

Lazarus Group

Score: 22.90
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service

APT33

Score: 5.17
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

EXOTIC LILY

Score: 12.51
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Molerats

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Magic Hound

Score: 25.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1114.002 - Remote Email Collection
  • T1589.001 - Credentials
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

OilRig

Score: 22.37
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1195 - Supply Chain Compromise
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1555.004 - Windows Credential Manager
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Windshift

Score: 7.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 7.92
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT29

Score: 21.55
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services
  • T1621 - Multi-Factor Authentication Request Generation
  • T1114.002 - Remote Email Collection
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1078.003 - Local Accounts

TA2541

Score: 8.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Earth Lusca

Score: 12.66
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

RedCurl

Score: 7.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1056.002 - GUI Input Capture
  • T1204.001 - Malicious Link

Storm-1811

Score: 16.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1656 - Impersonation
  • T1566.003 - Spearphishing via Service

Turla

Score: 22.24
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1071.003 - Mail Protocols
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts

Wizard Spider

Score: 9.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1555.004 - Windows Credential Manager
  • T1204.001 - Malicious Link

TA577

Score: 5.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link

Patchwork

Score: 9.40
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

TA505

Score: 6.14
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1204.001 - Malicious Link

LazyScripter

Score: 8.15
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

APT42

Score: 6.77
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1656 - Impersonation

APT39

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link

Silent Librarian

Score: 14.96
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1589.003 - Employee Names
  • T1608.005 - Link Target

Star Blizzard

Score: 19.11
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1114.002 - Remote Email Collection
  • T1550.004 - Web Session Cookie

Moonstone Sleet

Score: 14.11
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 16.56
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 23.20
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1598.002 - Spearphishing Attachment
  • T1114.002 - Remote Email Collection
  • T1187 - Forced Authentication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1221 - Template Injection

Saint Bear

Score: 11.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1204.001 - Malicious Link

Tropic Trooper

Score: 8.19
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
  • T1078.003 - Local Accounts

FIN6

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 4.13
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

WIRTE

Score: 3.62
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32

Threat Group-3390

Score: 7.17
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Gamaredon Group

Score: 11.02
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1221 - Template Injection
  • T1204.001 - Malicious Link

Darkhotel

Score: 4.13
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Inception

Score: 8.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

TA551

Score: 6.14
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1589.002 - Email Addresses
  • T1218.010 - Regsvr32

APT41

Score: 5.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation

Winter Vivern

Score: 12.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Higaisa

Score: 6.21
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation

APT19

Score: 5.39
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

Malteiro

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft

SideCopy

Score: 4.50
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment

Andariel

Score: 6.59
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

APT37

Score: 4.13
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

IndigoZebra

Score: 5.55
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services

APT38

Score: 4.00
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

DarkHydrus

Score: 8.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1187 - Forced Authentication
  • T1221 - Template Injection

HEXANE

Score: 11.10
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1534 - Internal Spearphishing

LAPSUS$

Score: 26.23
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1621 - Multi-Factor Authentication Request Generation
  • T1589.001 - Credentials
  • T1656 - Impersonation

Ember Bear

Score: 7.80
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

SilverTerrier

Score: 5.81
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1657 - Financial Theft

Medusa Group

Score: 11.36
Matched TTPs:
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1218.014 - MMC

HAFNIUM

Score: 9.87
Matched TTPs:
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1114.002 - Remote Email Collection
  • T1078.003 - Local Accounts

UNC3886

Score: 3.95
Matched TTPs:
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

INC Ransom

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

FIN13

Score: 7.06
Matched TTPs:
  • T1657 - Financial Theft
  • T1556 - Modify Authentication Process

Storm-0501

Score: 9.40
Matched TTPs:
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
  • T1556.009 - Conditional Access Policies

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Play

Score: 5.19
Matched TTPs:
  • T1657 - Financial Theft
  • T1078.003 - Local Accounts

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Sea Turtle

Score: 7.44
Matched TTPs:
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

Axiom

Score: 6.54
Matched TTPs:
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1566 - Phishing

Chimera

Score: 6.11
Matched TTPs:
  • T1114.002 - Remote Email Collection
  • T1589.001 - Credentials

Leafminer

Score: 4.43
Matched TTPs:
  • T1114.002 - Remote Email Collection
  • T1189 - Drive-by Compromise

Stealth Falcon

Score: 3.62
Matched TTPs:
  • T1555.004 - Windows Credential Manager

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 3.13
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

PROMETHIUM

Score: 4.43
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.76
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1566.002 - Spearphishing Link
  • T1589.002 - Email Addresses
  • T1114.002 - Remote Email Collection
  • T1204.001 - Malicious Link
  • T1586.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1585.002 - Email Accounts
  • T1589.003 - Employee Names
  • T1218.010 - Regsvr32
  • T1656 - Impersonation
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1598 - Phishing for Information
  • T1657 - Financial Theft
  • T1078.003 - Local Accounts
  • T1598.003 - Spearphishing Link
  • T1566 - Phishing

APT28

Score: 0.71
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1114.002 - Remote Email Collection
  • T1204.001 - Malicious Link
  • T1586.002 - Email Accounts
  • T1203 - Exploitation for Client Execution
  • T1137.002 - Office Test
  • T1669 - Wi-Fi Networks
  • T1189 - Drive-by Compromise
  • T1589.001 - Credentials
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1598 - Phishing for Information
  • T1584.008 - Network Devices
  • T1221 - Template Injection
  • T1598.003 - Spearphishing Link

Scattered Spider

Score: 0.62
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1204 - User Execution
  • T1556.009 - Conditional Access Policies
  • T1621 - Multi-Factor Authentication Request Generation
  • T1656 - Impersonation
  • T1588.001 - Malware
  • T1564.008 - Email Hiding Rules
  • T1657 - Financial Theft
  • T1598.003 - Spearphishing Link
  • T1598 - Phishing for Information

Related CVEs

No CVEs were found for this Pulse.
