Trusted Design

The HookAds Malvertising Campaign

Overview

Not long ago we wrote about a new piece of malware called 'Trick Bot', which we caught in a malvertising attack via a highly trafficked adult website. In the meantime, we uncovered another malvertising campaign that started at least as early as mid-August and which leverages decoy adult portals to spread malware. Internally, we call it the HookAds campaign, based on a string found within the delivery URL. What is interesting in this specific attack chain is the use of adult sites injected with new rogue ad domains that change quite frequently. However, upstream traffic to those adult sites also shows a pattern of malvertising via the usual suspects. In this post, we take a look at the distribution channel and the rogue infrastructure behind HookAds.

Created: 2026-02-23

Indicators

No indicators have been found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 60.54
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1114 - Email Collection
  • T1213.006 - Databases
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1683.001 - Written Content
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1055.014 - VDSO Hijacking
  • T1102.003 - One-Way Communication
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1027.014 - Polymorphic Code
  • T1690 - Prevent Command History Logging
  • T1547.002 - Authentication Package
  • T1008 - Fallback Channels
  • T1053.002 - At

Sea Turtle

Score: 11.97
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1098.007 - Additional Local or Domain Groups
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1137.004 - Outlook Home Page

Ember Bear

Score: 13.47
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1005 - Data from Local System
  • T1136.002 - Domain Account

Indrik Spider

Score: 3.03
Matched TTPs:
  • T1033 - System Owner/User Discovery

Agrius

Score: 5.01
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1087.004 - Cloud Account

Contagious Interview

Score: 25.03
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1045 - Software Packing
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1102.003 - One-Way Communication
  • T1690 - Prevent Command History Logging
  • T1547.008 - LSASS Driver

Sandworm Team

Score: 53.10
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1564.008 - Email Hiding Rules
  • T1114 - Email Collection
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1098.007 - Additional Local or Domain Groups
  • T1193 - Spearphishing Attachment
  • T1045 - Software Packing
  • T1049 - System Network Connections Discovery
  • T1087.004 - Cloud Account
  • T1102.003 - One-Way Communication
  • T1187 - Forced Authentication
  • T1573 - Encrypted Channel
  • T1547.002 - Authentication Package

Star Blizzard

Score: 12.27
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1102.003 - One-Way Communication

Volt Typhoon

Score: 32.24
Matched TTPs:
  • T1148 - HISTCONTROL
  • T1099 - Timestomp
  • T1685.001 - Disable or Modify Windows Event Log
  • T1114 - Email Collection
  • T1491 - Defacement
  • T1045 - Software Packing
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication
  • T1578.001 - Create Snapshot
  • T1569.002 - Service Execution

APT41

Score: 19.28
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1684 - Social Engineering
  • T1045 - Software Packing
  • T1573 - Encrypted Channel
  • T1002 - Data Compressed
  • T1008 - Fallback Channels

TA551

Score: 6.88
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1027.014 - Polymorphic Code

Magic Hound

Score: 29.96
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1045 - Software Packing
  • T1608.005 - Link Target
  • T1187 - Forced Authentication
  • T1547.002 - Authentication Package
  • T1578.002 - Create Cloud Instance
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
  • T1053.002 - At

HEXANE

Score: 12.26
Matched TTPs:
  • T1099 - Timestomp
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1055.014 - VDSO Hijacking
  • T1547.002 - Authentication Package

APT29

Score: 12.86
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1608.006 - SEO Poisoning
  • T1547.008 - LSASS Driver

Gamaredon Group

Score: 25.17
Matched TTPs:
  • T1099 - Timestomp
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1045 - Software Packing
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1547.002 - Authentication Package

TA2541

Score: 14.61
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1136.002 - Domain Account
  • T1608.005 - Link Target

Lotus Blossom

Score: 5.67
Matched TTPs:
  • T1099 - Timestomp
  • T1569.002 - Service Execution

FIN13

Score: 8.20
Matched TTPs:
  • T1099 - Timestomp
  • T1552.003 - Shell History
  • T1569.002 - Service Execution

HAFNIUM

Score: 16.76
Matched TTPs:
  • T1099 - Timestomp
  • T1027.008 - Stripped Payloads
  • T1059 - Command and Scripting Interpreter
  • T1049 - System Network Connections Discovery
  • T1608.005 - Link Target

Turla

Score: 26.77
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service
  • T1684 - Social Engineering
  • T1045 - Software Packing
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI
  • T1578.001 - Create Snapshot
  • T1569.002 - Service Execution

FIN8

Score: 4.19
Matched TTPs:
  • T1099 - Timestomp
  • T1543.003 - Windows Service

APT28

Score: 16.81
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI

ZIRCONIUM

Score: 22.15
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1547.002 - Authentication Package
  • T1608.006 - SEO Poisoning
  • T1578.001 - Create Snapshot

Leviathan

Score: 24.96
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1087.004 - Cloud Account
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI

Mustard Tempest

Score: 20.58
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI
  • T1543.002 - Systemd Service
  • T1053.002 - At

Silent Librarian

Score: 7.26
Matched TTPs:
  • T1114 - Email Collection
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups

EXOTIC LILY

Score: 14.59
Matched TTPs:
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1690 - Prevent Command History Logging
  • T1547.008 - LSASS Driver

TA578

Score: 5.30
Matched TTPs:
  • T1114 - Email Collection
  • T1608.005 - Link Target

MuddyWater

Score: 7.83
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1547.002 - Authentication Package

LuminousMoth

Score: 10.89
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
  • T1087.004 - Cloud Account

Confucius

Score: 5.43
Matched TTPs:
  • T1543.003 - Windows Service
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account

Sidewinder

Score: 6.50
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1578.001 - Create Snapshot

Elderwood

Score: 3.21
Matched TTPs:
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI

Machete

Score: 3.21
Matched TTPs:
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI

FIN7

Score: 17.90
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1573 - Encrypted Channel
  • T1547.002 - Authentication Package
  • T1578.001 - Create Snapshot

Transparent Tribe

Score: 11.05
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1059.012 - Hypervisor CLI
  • T1053.002 - At

Mustang Panda

Score: 23.34
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1569.001 - Launchctl
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1102.003 - One-Way Communication
  • T1055.005 - Thread Local Storage

APT32

Score: 21.39
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI

APT3

Score: 7.04
Matched TTPs:
  • T1543.003 - Windows Service
  • T1087.004 - Cloud Account
  • T1578.002 - Create Cloud Instance

APT1

Score: 8.71
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
  • T1053.002 - At

Lazarus Group

Score: 23.29
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI
  • T1055.005 - Thread Local Storage
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver
  • T1569.002 - Service Execution

APT33

Score: 4.48
Matched TTPs:
  • T1543.003 - Windows Service
  • T1583.005 - Botnet

OilRig

Score: 11.31
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1098.007 - Additional Local or Domain Groups
  • T1547.008 - LSASS Driver

Windshift

Score: 5.74
Matched TTPs:
  • T1543.003 - Windows Service
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver

Cobalt Group

Score: 9.58
Matched TTPs:
  • T1543.003 - Windows Service
  • T1684 - Social Engineering
  • T1027.014 - Polymorphic Code
  • T1573 - Encrypted Channel

Earth Lusca

Score: 17.14
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1045 - Software Packing
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI

Storm-1811

Score: 9.11
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1578.002 - Create Cloud Instance
  • T1547.008 - LSASS Driver

Wizard Spider

Score: 5.88
Matched TTPs:
  • T1543.003 - Windows Service
  • T1684 - Social Engineering
  • T1087.004 - Cloud Account

Patchwork

Score: 8.96
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1059.012 - Hypervisor CLI
  • T1008 - Fallback Channels

TA505

Score: 7.40
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account

LazyScripter

Score: 9.41
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1136.002 - Domain Account
  • T1608.005 - Link Target

APT42

Score: 4.94
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups

APT39

Score: 8.75
Matched TTPs:
  • T1543.003 - Windows Service
  • T1087.004 - Cloud Account
  • T1547.002 - Authentication Package
  • T1569.002 - Service Execution

Scattered Spider

Score: 20.69
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1491 - Defacement
  • T1045 - Software Packing
  • T1136.002 - Domain Account
  • T1552.003 - Shell History
  • T1087.004 - Cloud Account
  • T1557.002 - ARP Cache Poisoning

Moonstone Sleet

Score: 14.69
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1491 - Defacement
  • T1573 - Encrypted Channel
  • T1547.008 - LSASS Driver

CURIUM

Score: 19.49
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver

Dragonfly

Score: 19.17
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1193 - Spearphishing Attachment
  • T1573 - Encrypted Channel
  • T1578.002 - Create Cloud Instance
  • T1059.012 - Hypervisor CLI

APT5

Score: 6.30
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1684 - Social Engineering

Ke3chang

Score: 5.82
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1087.004 - Cloud Account

Threat Group-3390

Score: 11.22
Matched TTPs:
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1573 - Encrypted Channel
  • T1059.012 - Hypervisor CLI

Velvet Ant

Score: 8.42
Matched TTPs:
  • T1583.005 - Botnet
  • T1684 - Social Engineering
  • T1569.002 - Service Execution

Salt Typhoon

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

UNC3886

Score: 8.08
Matched TTPs:
  • T1583.005 - Botnet
  • T1136.002 - Domain Account
  • T1578.001 - Create Snapshot

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

TeamTNT

Score: 3.49
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups

SideCopy

Score: 5.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1053.002 - At

BlackByte

Score: 6.40
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1684 - Social Engineering
  • T1087.004 - Cloud Account

BITTER

Score: 3.49
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups

Saint Bear

Score: 3.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target

IndigoZebra

Score: 3.53
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target

APT38

Score: 9.03
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1684 - Social Engineering
  • T1491 - Defacement
  • T1059.012 - Hypervisor CLI

Winter Vivern

Score: 13.42
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1548 - Abuse Elevation Control Mechanism
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI

MoustachedBouncer

Score: 6.88
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking
  • T1045 - Software Packing

APT37

Score: 6.62
Matched TTPs:
  • T1684 - Social Engineering
  • T1547.002 - Authentication Package
  • T1059.012 - Hypervisor CLI

PLATINUM

Score: 4.22
Matched TTPs:
  • T1684 - Social Engineering
  • T1059.012 - Hypervisor CLI

Fox Kitten

Score: 5.63
Matched TTPs:
  • T1491 - Defacement
  • T1045 - Software Packing

Chimera

Score: 7.85
Matched TTPs:
  • T1491 - Defacement
  • T1087.004 - Cloud Account
  • T1578.001 - Create Snapshot

LAPSUS$

Score: 16.91
Matched TTPs:
  • T1193 - Spearphishing Attachment
  • T1045 - Software Packing
  • T1136.002 - Domain Account
  • T1137.004 - Outlook Home Page
  • T1557.002 - ARP Cache Poisoning

Blue Mockingbird

Score: 5.09
Matched TTPs:
  • T1045 - Software Packing
  • T1027.014 - Polymorphic Code

Cinnamon Tempest

Score: 4.86
Matched TTPs:
  • T1045 - Software Packing
  • T1552.003 - Shell History

Windigo

Score: 4.11
Matched TTPs:
  • T1045 - Software Packing
  • T1059.012 - Hypervisor CLI

POLONIUM

Score: 6.75
Matched TTPs:
  • T1045 - Software Packing
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package

Andariel

Score: 8.07
Matched TTPs:
  • T1136.002 - Domain Account
  • T1187 - Forced Authentication
  • T1059.012 - Hypervisor CLI

Axiom

Score: 8.67
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1059.012 - Hypervisor CLI

INC Ransom

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall

Storm-0501

Score: 5.27
Matched TTPs:
  • T1552.003 - Shell History
  • T1027.014 - Polymorphic Code

AppleJeus

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall

Medusa Group

Score: 9.07
Matched TTPs:
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1598 - Phishing for Information

Higaisa

Score: 7.49
Matched TTPs:
  • T1087.004 - Cloud Account
  • T1578.001 - Create Snapshot
  • T1569.002 - Service Execution

GOLD SOUTHFIELD

Score: 6.21
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1573 - Encrypted Channel

APT19

Score: 4.51
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI

Daggerfly

Score: 4.69
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1059.012 - Hypervisor CLI

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1002 - Data Compressed

RTM

Score: 5.05
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1008 - Fallback Channels

Darkhotel

Score: 4.36
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1578.001 - Create Snapshot

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver

BRONZE BUTLER

Score: 7.64
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1578.001 - Create Snapshot
  • T1008 - Fallback Channels

Rocke

Score: 3.29
Matched TTPs:
  • T1008 - Fallback Channels

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.78
Matched TTPs:
  • T1114 - Email Collection
  • T1008 - Fallback Channels
  • T1684 - Social Engineering
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1098.007 - Additional Local or Domain Groups
  • T1543.003 - Windows Service
  • T1683.001 - Written Content
  • T1033 - System Owner/User Discovery
  • T1552.003 - Shell History
  • T1053.002 - At
  • T1027.014 - Polymorphic Code
  • T1547.002 - Authentication Package
  • T1690 - Prevent Command History Logging
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1213.006 - Databases
  • T1055.014 - VDSO Hijacking
  • T1583.005 - Botnet
  • T1087.004 - Cloud Account

Sandworm Team

Score: 0.72
Matched TTPs:
  • T1114 - Email Collection
  • T1098.007 - Additional Local or Domain Groups
  • T1049 - System Network Connections Discovery
  • T1033 - System Owner/User Discovery
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1573 - Encrypted Channel
  • T1543.003 - Windows Service
  • T1193 - Spearphishing Attachment
  • T1484.002 - Trust Modification
  • T1564.008 - Email Hiding Rules
  • T1583.005 - Botnet
  • T1087.004 - Cloud Account
  • T1102.003 - One-Way Communication
  • T1547.002 - Authentication Package
  • T1045 - Software Packing
  • T1187 - Forced Authentication

Related CVEs

No CVEs were found in this Pulse.
