Trusted Design

The HookAds Malvertising Campaign

Overview

Not long ago we wrote about a new piece of malware called 'Trick Bot', which we caught in a malvertising attack via a highly trafficked adult website. In the meantime, we uncovered another malvertising campaign that started at least as early as mid-August and which leverages decoy adult portals to spread malware. Internally, we call it the HookAds campaign, after a string found within the delivery URL. What is interesting in this particular attack chain is the use of adult sites injected with new rogue ad domains that change quite frequently. However, upstream traffic to those adult sites also shows a pattern of malvertising via the usual suspects. In this post, we take a look at the distribution channel and the rogue infrastructure behind HookAds.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 60.54
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1594 - Search Victim-Owned Websites
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1055 - Process Injection
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1102.001 - Dead Drop Resolver
  • T1584.001 - Domains

Sea Turtle

Score: 11.97
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1583.001 - Domains
  • T1566 - Phishing
  • T1584.002 - DNS Server

Ember Bear

Score: 13.47
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1588.001 - Malware

Indrik Spider

Score: 3.03
Matched TTPs:
  • T1583 - Acquire Infrastructure

Agrius

Score: 5.01
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1041 - Exfiltration Over C2 Channel

Contagious Interview

Score: 25.03
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1090 - Proxy
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 53.10
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1583.001 - Domains
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1041 - Exfiltration Over C2 Channel
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication

Star Blizzard

Score: 12.27
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1593 - Search Open Websites/Domains

Volt Typhoon

Score: 32.24
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1016.001 - Internet Connection Discovery
  • T1584.008 - Network Devices
  • T1594 - Search Victim-Owned Websites
  • T1217 - Browser Information Discovery
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

APT41

Score: 19.28
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1195.002 - Compromise Software Supply Chain
  • T1595.003 - Wordlist Scanning
  • T1102.001 - Dead Drop Resolver

TA551

Score: 6.88
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1218.010 - Regsvr32

Magic Hound

Score: 29.96
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
  • T1584.001 - Domains

HEXANE

Score: 12.26
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1534 - Internal Spearphishing
  • T1102.002 - Bidirectional Communication

APT29

Score: 12.86
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 25.17
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1102.002 - Bidirectional Communication

TA2541

Score: 14.61
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1055 - Process Injection
  • T1588.001 - Malware
  • T1583.006 - Web Services

Lotus Blossom

Score: 5.67
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1090.001 - Internal Proxy

FIN13

Score: 8.20
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1657 - Financial Theft
  • T1090.001 - Internal Proxy

HAFNIUM

Score: 16.76
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services

Turla

Score: 26.77
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

FIN8

Score: 4.19
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link

APT28

Score: 16.81
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise

ZIRCONIUM

Score: 22.15
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1102.002 - Bidirectional Communication
  • T1665 - Hide Infrastructure
  • T1124 - System Time Discovery

Leviathan

Score: 24.96
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1041 - Exfiltration Over C2 Channel
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

Mustard Tempest

Score: 20.58
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1584.001 - Domains

Silent Librarian

Score: 7.26
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains

EXOTIC LILY

Score: 14.59
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

TA578

Score: 5.30
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services

MuddyWater

Score: 7.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1102.002 - Bidirectional Communication

LuminousMoth

Score: 10.89
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1041 - Exfiltration Over C2 Channel

Confucius

Score: 5.43
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel

Sidewinder

Score: 6.50
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1124 - System Time Discovery

Elderwood

Score: 3.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise

Machete

Score: 3.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise

FIN7

Score: 17.90
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1124 - System Time Discovery

Transparent Tribe

Score: 11.05
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1189 - Drive-by Compromise
  • T1584.001 - Domains

Mustang Panda

Score: 23.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1593 - Search Open Websites/Domains
  • T1027.007 - Dynamic API Resolution

APT32

Score: 21.39
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1055 - Process Injection
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

APT3

Score: 7.04
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1041 - Exfiltration Over C2 Channel
  • T1036.010 - Masquerade Account Name

APT1

Score: 8.71
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1584.001 - Domains

Lazarus Group

Score: 23.29
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1041 - Exfiltration Over C2 Channel
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1027.007 - Dynamic API Resolution
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy

APT33

Score: 4.48
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1040 - Network Sniffing

OilRig

Score: 11.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1583.001 - Domains
  • T1566.003 - Spearphishing via Service

Windshift

Score: 5.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 9.58
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1055 - Process Injection
  • T1218.010 - Regsvr32
  • T1195.002 - Compromise Software Supply Chain

Earth Lusca

Score: 17.14
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

Storm-1811

Score: 9.11
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1036.010 - Masquerade Account Name
  • T1566.003 - Spearphishing via Service

Wizard Spider

Score: 5.88
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1055 - Process Injection
  • T1041 - Exfiltration Over C2 Channel

Patchwork

Score: 8.96
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

TA505

Score: 7.40
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.001 - Malware

LazyScripter

Score: 9.41
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1588.001 - Malware
  • T1583.006 - Web Services

APT42

Score: 4.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

APT39

Score: 8.75
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1041 - Exfiltration Over C2 Channel
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy

Scattered Spider

Score: 20.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1217 - Browser Information Discovery
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1041 - Exfiltration Over C2 Channel
  • T1578.002 - Create Cloud Instance

Moonstone Sleet

Score: 14.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1217 - Browser Information Discovery
  • T1195.002 - Compromise Software Supply Chain
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 19.49
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1041 - Exfiltration Over C2 Channel
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 19.17
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1591.002 - Business Relationships
  • T1195.002 - Compromise Software Supply Chain
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise

APT5

Score: 6.30
Matched TTPs:
  • T1583.005 - Botnet
  • T1055 - Process Injection

Ke3chang

Score: 5.82
Matched TTPs:
  • T1583.005 - Botnet
  • T1041 - Exfiltration Over C2 Channel

Threat Group-3390

Score: 11.22
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise

Velvet Ant

Score: 8.42
Matched TTPs:
  • T1040 - Network Sniffing
  • T1055 - Process Injection
  • T1090.001 - Internal Proxy

Salt Typhoon

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

UNC3886

Score: 8.08
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.001 - Malware
  • T1124 - System Time Discovery

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

TeamTNT

Score: 3.49
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

SideCopy

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1584.001 - Domains

BlackByte

Score: 6.40
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1041 - Exfiltration Over C2 Channel

BITTER

Score: 3.49
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

Saint Bear

Score: 3.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

IndigoZebra

Score: 3.53
Matched TTPs:
  • T1583.001 - Domains
  • T1583.006 - Web Services

APT38

Score: 9.03
Matched TTPs:
  • T1583.001 - Domains
  • T1055 - Process Injection
  • T1217 - Browser Information Discovery
  • T1189 - Drive-by Compromise

Winter Vivern

Score: 13.42
Matched TTPs:
  • T1583.001 - Domains
  • T1056.003 - Web Portal Capture
  • T1041 - Exfiltration Over C2 Channel
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

MoustachedBouncer

Score: 6.88
Matched TTPs:
  • T1659 - Content Injection
  • T1090 - Proxy

APT37

Score: 6.62
Matched TTPs:
  • T1055 - Process Injection
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise

PLATINUM

Score: 4.22
Matched TTPs:
  • T1055 - Process Injection
  • T1189 - Drive-by Compromise

Fox Kitten

Score: 5.63
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1090 - Proxy

Chimera

Score: 7.85
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1124 - System Time Discovery

LAPSUS$

Score: 16.91
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1584.002 - DNS Server
  • T1578.002 - Create Cloud Instance

Blue Mockingbird

Score: 5.09
Matched TTPs:
  • T1090 - Proxy
  • T1218.010 - Regsvr32

Cinnamon Tempest

Score: 4.86
Matched TTPs:
  • T1090 - Proxy
  • T1657 - Financial Theft

Windigo

Score: 4.11
Matched TTPs:
  • T1090 - Proxy
  • T1189 - Drive-by Compromise

POLONIUM

Score: 6.75
Matched TTPs:
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication

Andariel

Score: 8.07
Matched TTPs:
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1189 - Drive-by Compromise

Axiom

Score: 8.67
Matched TTPs:
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1189 - Drive-by Compromise

INC Ransom

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Storm-0501

Score: 5.27
Matched TTPs:
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Medusa Group

Score: 9.07
Matched TTPs:
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1650 - Acquire Access

Higaisa

Score: 7.49
Matched TTPs:
  • T1041 - Exfiltration Over C2 Channel
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

GOLD SOUTHFIELD

Score: 6.21
Matched TTPs:
  • T1566 - Phishing
  • T1195.002 - Compromise Software Supply Chain

APT19

Score: 4.51
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

Daggerfly

Score: 4.69
Matched TTPs:
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1595.003 - Wordlist Scanning

RTM

Score: 5.05
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

Darkhotel

Score: 4.36
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 7.64
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1102.001 - Dead Drop Resolver

Rocke

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.78
Matched TTPs:
  • T1593.002 - Search Engines
  • T1583.001 - Domains
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services
  • T1102.001 - Dead Drop Resolver
  • T1566.002 - Spearphishing Link
  • T1566 - Phishing
  • T1608.001 - Upload Malware
  • T1040 - Network Sniffing
  • T1584.001 - Domains
  • T1583 - Acquire Infrastructure
  • T1657 - Financial Theft
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1176.001 - Browser Extensions
  • T1055 - Process Injection
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1218.010 - Regsvr32

Sandworm Team

Score: 0.72
Matched TTPs:
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1608.001 - Upload Malware
  • T1040 - Network Sniffing
  • T1041 - Exfiltration Over C2 Channel
  • T1102.002 - Bidirectional Communication
  • T1090 - Proxy
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1586.001 - Social Media Accounts
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1594 - Search Victim-Owned Websites
  • T1591.002 - Business Relationships
  • T1583 - Acquire Infrastructure
  • T1584.005 - Botnet

Related CVEs

No CVEs were found in this Pulse.
