Pulse Detail-

Targeted Threat Leads to Keylogger via Fake Silverlight Update

概要

Proofpoint researchers recently discovered a small email-based campaign attacking a major financial services provider. This attack was notable for a few reasons: The attack was very narrow in scope - a small number of malicious emails appear to have been sent to users in a single organization The emails included a Microsoft Word attachment that used an embedded object rather than macros to avoid detection; the embedded object was also highly obfuscated The payload was an unidentified keylogger hardcoded to send logs from infected computers to two Gmail addresses. While the use of embedded objects instead of macros is not new, malicious macros remain the vector of choice for most threat actors at this time. However, we expect that this technique will become more popular in 2017.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Veil-Framework Infects Victims of Targeted OWA Phishing Attack (score: 0.59)
Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis (score: 0.59)
New Attacks Linked to C0d0s0 Group (score: 0.59)
Enterprises Hit by BARTALEX Macro Malware (score: 0.58)
Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

Lazarus Group

Score: 26.85

Matched TTPs:

T1027.009 - Embedded Payloads
T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1583.006 - Web Services
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA577

Score: 9.32

Matched TTPs:

T1027.009 - Embedded Payloads
T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1204.001 - Malicious Link

MITREへのリンク →

Moonstone Sleet

Score: 17.52

Matched TTPs:

T1027.009 - Embedded Payloads
T1587.001 - Malware
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1598 - Phishing for Information
T1566.003 - Spearphishing via Service

MITREへのリンク →

Contagious Interview

Score: 33.18

Matched TTPs:

T1588.007 - Artificial Intelligence
T1587.001 - Malware
T1071.003 - Mail Protocols
T1681 - Search Threat Vendor Data
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1588.002 - Tool
T1656 - Impersonation
T1204.004 - Malicious Copy and Paste
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Scattered Spider

Score: 39.30

Matched TTPs:

T1564.008 - Email Hiding Rules
T1069 - Permission Groups Discovery
T1114 - Email Collection
T1598.003 - Spearphishing Link
T1070.008 - Clear Mailbox Data
T1598.004 - Spearphishing Voice
T1087 - Account Discovery
T1657 - Financial Theft
T1588.002 - Tool
T1656 - Impersonation
T1598 - Phishing for Information
T1213.005 - Messaging Applications

MITREへのリンク →

FIN4

Score: 10.48

Matched TTPs:

T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1114.002 - Remote Email Collection
T1204.001 - Malicious Link

MITREへのリンク →

Ember Bear

Score: 14.56

Matched TTPs:

T1491.002 - External Defacement
T1114 - Email Collection
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sandworm Team

Score: 24.71

Matched TTPs:

T1491.002 - External Defacement
T1587.001 - Malware
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1585.002 - Email Accounts
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Volt Typhoon

Score: 11.82

Matched TTPs:

T1584.008 - Network Devices
T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 61.09

Matched TTPs:

T1584.008 - Network Devices
T1559.002 - Dynamic Data Exchange
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1190 - Exploit Public-Facing Application
T1557.004 - Evil Twin
T1071.003 - Mail Protocols
T1583.006 - Web Services
T1588.002 - Tool
T1114.002 - Remote Email Collection
T1546.015 - Component Object Model Hijacking
T1589.001 - Credentials
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1189 - Drive-by Compromise
T1498 - Network Denial of Service
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link
T1550.001 - Application Access Token
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

ZIRCONIUM

Score: 19.33

Matched TTPs:

T1584.008 - Network Devices
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1598 - Phishing for Information
T1204.001 - Malicious Link
T1124 - System Time Discovery

MITREへのリンク →

Leviathan

Score: 33.67

Matched TTPs:

T1584.008 - Network Devices
T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1190 - Exploit Public-Facing Application
T1585.002 - Email Accounts
T1102.003 - One-Way Communication
T1534 - Internal Spearphishing
T1218.010 - Regsvr32
T1589.001 - Credentials
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Mustard Tempest

Score: 13.65

Matched TTPs:

T1583.008 - Malvertising
T1566.002 - Spearphishing Link
T1189 - Drive-by Compromise
T1608.006 - SEO Poisoning
T1204.001 - Malicious Link

MITREへのリンク →

APT41

Score: 14.29

Matched TTPs:

T1069 - Permission Groups Discovery
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1656 - Impersonation
T1102.001 - Dead Drop Resolver

MITREへのリンク →

TA505

Score: 10.56

Matched TTPs:

T1069 - Permission Groups Discovery
T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

APT3

Score: 7.59

Matched TTPs:

T1069 - Permission Groups Discovery
T1566.002 - Spearphishing Link
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

FIN13

Score: 21.27

Matched TTPs:

T1069 - Permission Groups Discovery
T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1087 - Account Discovery
T1657 - Financial Theft
T1588.002 - Tool
T1564.001 - Hidden Files and Directories
T1556 - Modify Authentication Process

MITREへのリンク →

Silent Librarian

Score: 9.22

Matched TTPs:

T1114 - Email Collection
T1598.003 - Spearphishing Link
T1585.002 - Email Accounts
T1588.002 - Tool

MITREへのリンク →

Magic Hound

Score: 30.96

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1586.002 - Email Accounts
T1190 - Exploit Public-Facing Application
T1585.002 - Email Accounts
T1583.006 - Web Services
T1588.002 - Tool
T1114.002 - Remote Email Collection
T1589.001 - Credentials
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 47.80

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1190 - Exploit Public-Facing Application
T1071.003 - Mail Protocols
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1534 - Internal Spearphishing
T1588.002 - Tool
T1566 - Phishing
T1114.002 - Remote Email Collection
T1218.010 - Regsvr32
T1102.002 - Bidirectional Communication
T1656 - Impersonation
T1598 - Phishing for Information
T1204.001 - Malicious Link
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Indrik Spider

Score: 4.38

Matched TTPs:

T1587.001 - Malware
T1585.002 - Email Accounts

MITREへのリンク →

OilRig

Score: 17.15

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1195 - Supply Chain Compromise
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 11.78

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1681 - Search Threat Vendor Data
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 8.42

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1588.002 - Tool
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Salt Typhoon

Score: 4.41

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

APT29

Score: 28.53

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.003 - Cloud Accounts
T1586.002 - Email Accounts
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1588.002 - Tool
T1114.002 - Remote Email Collection
T1203 - Exploitation for Client Execution
T1562.008 - Disable or Modify Cloud Logs
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Play

Score: 6.94

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

Aoqin Dragon

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 14.81

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1537 - Transfer Data to Cloud Account
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Moses Staff

Score: 4.41

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

Turla

Score: 23.95

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1071.003 - Mail Protocols
T1102 - Web Service
T1583.006 - Web Services
T1588.002 - Tool
T1584.006 - Web Services
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1204.001 - Malicious Link
T1124 - System Time Discovery

MITREへのリンク →

Ke3chang

Score: 10.93

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1114.002 - Remote Email Collection

MITREへのリンク →

Mustang Panda

Score: 22.73

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1102 - Web Service
T1583.006 - Web Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

TeamTNT

Score: 4.62

Matched TTPs:

T1587.001 - Malware
T1102 - Web Service

MITREへのリンク →

FIN7

Score: 25.05

Matched TTPs:

T1587.001 - Malware
T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1674 - Input Injection
T1583.006 - Web Services
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link
T1124 - System Time Discovery

MITREへのリンク →

Cobalt Group

Score: 11.52

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

MuddyWater

Score: 18.27

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1027.004 - Compile After Delivery
T1204.001 - Malicious Link

MITREへのリンク →

Sidewinder

Score: 16.59

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1124 - System Time Discovery

MITREへのリンク →

APT37

Score: 9.28

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.001 - Spearphishing Attachment
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Gallmaker

Score: 3.62

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.001 - Spearphishing Attachment

MITREへのリンク →

BITTER

Score: 5.96

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Patchwork

Score: 16.28

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1204.001 - Malicious Link
T1102.001 - Dead Drop Resolver

MITREへのリンク →

BlackTech

Score: 7.49

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Confucius

Score: 7.19

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Mofang

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 6.94

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Machete

Score: 5.45

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Transparent Tribe

Score: 9.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

FIN8

Score: 7.05

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

APT32

Score: 23.48

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1102 - Web Service
T1583.006 - Web Services
T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

APT1

Score: 8.12

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1588.002 - Tool
T1114.002 - Remote Email Collection

MITREへのリンク →

APT33

Score: 6.02

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

EXOTIC LILY

Score: 12.51

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1102 - Web Service
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Molerats

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Windshift

Score: 7.97

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1189 - Drive-by Compromise
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA2541

Score: 6.54

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Earth Lusca

Score: 12.53

Matched TTPs:

T1566.002 - Spearphishing Link
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1588.002 - Tool
T1584.006 - Web Services
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Storm-1811

Score: 16.93

Matched TTPs:

T1566.002 - Spearphishing Link
T1588.002 - Tool
T1566.004 - Spearphishing Voice
T1667 - Email Bombing
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Wizard Spider

Score: 6.82

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

LazyScripter

Score: 8.22

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

APT42

Score: 14.27

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.008 - Clear Mailbox Data
T1585.002 - Email Accounts
T1102 - Web Service
T1588.002 - Tool
T1656 - Impersonation

MITREへのリンク →

APT39

Score: 8.40

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

Star Blizzard

Score: 15.42

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1598.002 - Spearphishing Attachment
T1588.002 - Tool
T1114.002 - Remote Email Collection

MITREへのリンク →

CURIUM

Score: 16.12

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1584.006 - Web Services
T1189 - Drive-by Compromise
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 15.20

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1598.002 - Spearphishing Attachment
T1588.002 - Tool
T1114.002 - Remote Email Collection
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Saint Bear

Score: 8.77

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1656 - Impersonation
T1204.001 - Malicious Link

MITREへのリンク →

Tropic Trooper

Score: 5.03

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1564.001 - Hidden Files and Directories

MITREへのリンク →

FIN6

Score: 6.77

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

BRONZE BUTLER

Score: 10.86

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

WIRTE

Score: 4.47

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

menuPass

Score: 3.19

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

Threat Group-3390

Score: 6.45

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Gamaredon Group

Score: 25.93

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1583.006 - Web Services
T1102.003 - One-Way Communication
T1534 - Internal Spearphishing
T1588.002 - Tool
T1001 - Data Obfuscation
T1102.002 - Bidirectional Communication
T1027.004 - Compile After Delivery
T1204.001 - Malicious Link

MITREへのリンク →

Darkhotel

Score: 6.73

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Inception

Score: 8.49

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102 - Web Service
T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ajax Security Team

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA551

Score: 3.62

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1218.010 - Regsvr32

MITREへのリンク →

RTM

Score: 5.92

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1189 - Drive-by Compromise
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Winter Vivern

Score: 13.63

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1190 - Exploit Public-Facing Application
T1056.003 - Web Portal Capture
T1584.006 - Web Services
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Higaisa

Score: 4.96

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

APT12

Score: 4.77

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1102.002 - Bidirectional Communication
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT19

Score: 6.24

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1218.010 - Regsvr32
T1189 - Drive-by Compromise

MITREへのリンク →

Malteiro

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1657 - Financial Theft

MITREへのリンク →

SideCopy

Score: 4.50

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Andariel

Score: 4.13

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

IndigoZebra

Score: 6.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1588.002 - Tool

MITREへのリンク →

APT38

Score: 9.39

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1588.002 - Tool
T1189 - Drive-by Compromise
T1036.006 - Space after Filename
T1204.001 - Malicious Link

MITREへのリンク →

The White Company

Score: 4.96

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

HAFNIUM

Score: 16.79

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1114.002 - Remote Email Collection
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

HEXANE

Score: 11.82

Matched TTPs:

T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1534 - Internal Spearphishing
T1588.002 - Tool
T1102.002 - Bidirectional Communication

MITREへのリンク →

LAPSUS$

Score: 17.97

Matched TTPs:

T1586.002 - Email Accounts
T1598.004 - Spearphishing Voice
T1588.002 - Tool
T1589.001 - Credentials
T1656 - Impersonation
T1213.005 - Messaging Applications

MITREへのリンク →

Rocke

Score: 13.57

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1102 - Web Service
T1027.004 - Compile After Delivery
T1564.001 - Hidden Files and Directories
T1102.001 - Dead Drop Resolver

MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.76

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566 - Phishing

MITREへのリンク →

Medusa Group

Score: 13.68

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1588.002 - Tool
T1218.014 - MMC

MITREへのリンク →

Sea Turtle

Score: 10.72

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1566 - Phishing
T1203 - Exploitation for Client Execution
T1027.004 - Compile After Delivery

MITREへのリンク →

Storm-0501

Score: 10.58

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1218.010 - Regsvr32
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Fox Kitten

Score: 7.84

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1102 - Web Service
T1213.005 - Messaging Applications

MITREへのリンク →

Cinnamon Tempest

Score: 4.84

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

ToddyCat

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566.003 - Spearphishing via Service

MITREへのリンク →

Blue Mockingbird

Score: 5.07

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

INC Ransom

Score: 11.97

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool
T1566 - Phishing
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Axiom

Score: 12.55

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566 - Phishing
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1001.002 - Steganography

MITREへのリンク →

SilverTerrier

Score: 5.81

Matched TTPs:

T1071.003 - Mail Protocols
T1657 - Financial Theft

MITREへのリンク →

Aquatic Panda

Score: 4.69

Matched TTPs:

T1087 - Account Discovery
T1588.002 - Tool

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

POLONIUM

Score: 5.26

Matched TTPs:

T1583.006 - Web Services
T1588.002 - Tool
T1102.002 - Bidirectional Communication

MITREへのリンク →

TA578

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

DarkVishnya

Score: 5.39

Matched TTPs:

T1588.002 - Tool
T1200 - Hardware Additions

MITREへのリンク →

Leafminer

Score: 5.28

Matched TTPs:

T1588.002 - Tool
T1114.002 - Remote Email Collection
T1189 - Drive-by Compromise

MITREへのリンク →

Chimera

Score: 9.55

Matched TTPs:

T1588.002 - Tool
T1114.002 - Remote Email Collection
T1589.001 - Credentials
T1124 - System Time Discovery

MITREへのリンク →

Carbanak

Score: 3.25

Matched TTPs:

T1588.002 - Tool
T1102.002 - Bidirectional Communication

MITREへのリンク →

Dark Caracal

Score: 4.29

Matched TTPs:

T1189 - Drive-by Compromise
T1566.003 - Spearphishing via Service

MITREへのリンク →

Daggerfly

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.82

Matched TTPs:

T1598.003 - Spearphishing Link
T1564.001 - Hidden Files and Directories
T1498 - Network Denial of Service
T1190 - Exploit Public-Facing Application
T1559.002 - Dynamic Data Exchange
T1583.006 - Web Services
T1589.001 - Credentials
T1203 - Exploitation for Client Execution
T1584.008 - Network Devices
T1546.015 - Component Object Model Hijacking
T1586.002 - Email Accounts
T1189 - Drive-by Compromise
T1211 - Exploitation for Defense Evasion
T1557.004 - Evil Twin
T1598 - Phishing for Information
T1114.002 - Remote Email Collection
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1588.002 - Tool
T1550.001 - Application Access Token
T1204.001 - Malicious Link
T1102.002 - Bidirectional Communication

MITREへのリンク →

Kimsuky

Score: 0.65

Matched TTPs:

T1657 - Financial Theft
T1598.003 - Spearphishing Link
T1566.002 - Spearphishing Link
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1656 - Impersonation
T1566 - Phishing
T1534 - Internal Spearphishing
T1218.010 - Regsvr32
T1102.001 - Dead Drop Resolver
T1586.002 - Email Accounts
T1598 - Phishing for Information
T1587.001 - Malware
T1114.002 - Remote Email Collection
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1585.002 - Email Accounts
T1588.002 - Tool
T1204.001 - Malicious Link
T1102.002 - Bidirectional Communication

MITREへのリンク →

Scattered Spider

Score: 0.57

Matched TTPs:

T1087 - Account Discovery
T1588.002 - Tool
T1657 - Financial Theft
T1656 - Impersonation
T1213.005 - Messaging Applications
T1069 - Permission Groups Discovery
T1598 - Phishing for Information
T1598.004 - Spearphishing Voice
T1598.003 - Spearphishing Link
T1114 - Email Collection
T1564.008 - Email Hiding Rules
T1070.008 - Clear Mailbox Data

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Targeted Threat Leads to Keylogger via Fake Silverlight Update

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ