Trusted Design

Phishing Email Serving W97M/Dropper.cu via Office Doc with Macro

概要

A phishing email containing an embedded link that ultimately takes the victim to URL hxxp://emsanhdieu.vn/logs/download.php?id=aXRsb3BlekBicHByLmNvbQ0= which initiates a download of a rigged Office Doc. The Doc file contains malicious Macro design to infect a Windows host with a Dropper.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Phishing - Ransomware - VBA Macro (score: 0.72)
Spam Delivering Malicious Word Document (score: 0.71)
Evoltin POS Malware Attacks via Macro (score: 0.71)
Attack on Critical Infrastructure Leverages Template Injection (score: 0.70)
W97M/Downloader: Macro-enabled Microsoft Word Trojan (score: 0.70)

このPulseに関連する脅威アクター (事実ベース)

Cobalt Group

Score: 8.71

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

FIN7

Score: 11.06

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.005 - Link Target
T1204.001 - Malicious Link

MITREへのリンク →

MuddyWater

Score: 13.25

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1137.001 - Office Template Macros
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Sidewinder

Score: 14.79

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

APT28

Score: 20.85

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1221 - Template Injection
T1137.002 - Office Test
T1204.001 - Malicious Link

MITREへのリンク →

APT37

Score: 5.90

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Gallmaker

Score: 4.41

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Leviathan

Score: 11.86

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

BITTER

Score: 5.90

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA505

Score: 7.22

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Patchwork

Score: 11.17

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

APT12

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Kimsuky

Score: 13.65

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1566 - Phishing
T1598 - Phishing for Information
T1204.001 - Malicious Link

MITREへのリンク →

Machete

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 5.96

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Transparent Tribe

Score: 5.96

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Dragonfly

Score: 12.39

Matched TTPs:

T1204.002 - Malicious File
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1221 - Template Injection

MITREへのリンク →

Contagious Interview

Score: 6.69

Matched TTPs:

T1204.002 - Malicious File
T1204.004 - Malicious Copy and Paste
T1204.001 - Malicious Link

MITREへのリンク →

CURIUM

Score: 4.12

Matched TTPs:

T1204.002 - Malicious File
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Tropic Trooper

Score: 6.31

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1221 - Template Injection

MITREへのリンク →

RedCurl

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

DarkHydrus

Score: 4.81

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1221 - Template Injection

MITREへのリンク →

FIN8

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Threat Group-3390

Score: 6.31

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

LazyScripter

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

APT39

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Star Blizzard

Score: 7.74

Matched TTPs:

T1204.002 - Malicious File
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Higaisa

Score: 6.31

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

Wizard Spider

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

OilRig

Score: 10.50

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1137.004 - Outlook Home Page
T1204.001 - Malicious Link

MITREへのリンク →

Sandworm Team

Score: 8.42

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Magic Hound

Score: 6.05

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1204.001 - Malicious Link

MITREへのリンク →

FIN4

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Inception

Score: 6.31

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1221 - Template Injection

MITREへのリンク →

EXOTIC LILY

Score: 5.96

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Saint Bear

Score: 4.52

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Lazarus Group

Score: 4.60

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA459

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Moonstone Sleet

Score: 7.56

Matched TTPs:

T1204.002 - Malicious File
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598 - Phishing for Information

MITREへのリンク →

TA2541

Score: 7.62

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 3.60

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1204.001 - Malicious Link

MITREへのリンク →

SideCopy

Score: 5.28

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Mofang

Score: 7.62

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Tonto Team

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Andariel

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

BRONZE BUTLER

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT38

Score: 3.02

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Mustang Panda

Score: 8.42

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Molerats

Score: 7.62

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

admin@338

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Gamaredon Group

Score: 9.33

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1221 - Template Injection
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Darkhotel

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 8.42

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

The White Company

Score: 3.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT33

Score: 5.96

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

APT29

Score: 10.50

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1090.004 - Domain Fronting
T1204.001 - Malicious Link

MITREへのリンク →

Confucius

Score: 9.11

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1221 - Template Injection
T1204.001 - Malicious Link

MITREへのリンク →

BlackTech

Score: 5.96

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Windshift

Score: 4.47

Matched TTPs:

T1204.002 - Malicious File
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

LuminousMoth

Score: 6.65

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1204.001 - Malicious Link

MITREへのリンク →

APT3

Score: 4.30

Matched TTPs:

T1566.002 - Spearphishing Link
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

ZIRCONIUM

Score: 8.70

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1204.001 - Malicious Link

MITREへのリンク →

Scattered Spider

Score: 10.03

Matched TTPs:

T1598.003 - Spearphishing Link
T1204 - User Execution
T1598 - Phishing for Information

MITREへのリンク →

Silent Librarian

Score: 6.30

Matched TTPs:

T1598.003 - Spearphishing Link
T1608.005 - Link Target

MITREへのリンク →

LAPSUS$

Score: 4.13

Matched TTPs:

T1204 - User Execution

MITREへのリンク →

INC Ransom

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Sea Turtle

Score: 4.78

Matched TTPs:

T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

Axiom

Score: 4.78

Matched TTPs:

T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

AppleJeus

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Medusa Group

Score: 4.54

Matched TTPs:

T1218.014 - MMC

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.81

Matched TTPs:

T1204.001 - Malicious Link
T1566.001 - Spearphishing Attachment
T1204.002 - Malicious File
T1221 - Template Injection
T1203 - Exploitation for Client Execution
T1137.002 - Office Test
T1559.002 - Dynamic Data Exchange
T1598 - Phishing for Information
T1598.003 - Spearphishing Link

MITREへのリンク →

Sidewinder

Score: 0.57

Matched TTPs:

T1204.001 - Malicious Link
T1566.001 - Spearphishing Attachment
T1204.002 - Malicious File
T1203 - Exploitation for Client Execution
T1559.002 - Dynamic Data Exchange
T1598.002 - Spearphishing Attachment
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る