Trusted Design

TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors

Summary

The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial victims have been identified in several sectors, including information technology, energy, healthcare and public health, communications, and critical manufacturing. According to preliminary analysis, threat actors appear to be leveraging stolen administrative credentials (local and domain) and certificates, along with placing sophisticated malware implants on critical systems. Some of the campaign victims have been IT service providers, where credential compromises could potentially be leveraged to access customer environments. Depending on the defensive mitigations in place, the threat actor could possibly gain full access to networks and data in a way that appears legitimate to existing monitoring tools.

Created: 2026-02-23

Indicators

No indicators have been found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 80.39
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1040 - Network Sniffing
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1012 - Query Registry
  • T1656 - Impersonation
  • T1518.001 - Security Software Discovery
  • T1598 - Phishing for Information
  • T1070.004 - File Deletion
  • T1111 - Multi-Factor Authentication Interception
  • T1105 - Ingress Tool Transfer
  • T1587 - Develop Capabilities
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver
  • T1584.001 - Domains
  • T1078.003 - Local Accounts
Link to MITRE →

Sea Turtle

Score: 15.47
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1078 - Valid Accounts
  • T1078.003 - Local Accounts
Link to MITRE →

Ember Bear

Score: 37.13
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1003.004 - LSA Secrets
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1021 - Remote Services
  • T1112 - Modify Registry
  • T1078.001 - Default Accounts
  • T1588.001 - Malware
  • T1210 - Exploitation of Remote Services
  • T1562.001 - Disable or Modify Tools
  • T1070.004 - File Deletion
  • T1588.005 - Exploits
Link to MITRE →

Indrik Spider

Score: 24.68
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1112 - Modify Registry
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1078.002 - Domain Accounts
  • T1136 - Create Account
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Agrius

Score: 8.59
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078.002 - Domain Accounts
Link to MITRE →

Contagious Interview

Score: 59.98
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1497 - Virtualization/Sandbox Evasion
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1656 - Impersonation
  • T1070.004 - File Deletion
  • T1204.004 - Malicious Copy and Paste
  • T1587 - Develop Capabilities
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Sandworm Team

Score: 58.81
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1592.002 - Software
  • T1078.002 - Domain Accounts
  • T1499 - Endpoint Denial of Service
  • T1070.004 - File Deletion
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Star Blizzard

Score: 22.24
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
Link to MITRE →

LAPSUS$

Score: 55.66
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1593.003 - Code Repositories
  • T1588.001 - Malware
  • T1552.008 - Chat Messages
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1531 - Account Access Removal
  • T1589.001 - Credentials
  • T1656 - Impersonation
  • T1591.004 - Identify Roles
  • T1111 - Multi-Factor Authentication Interception
  • T1213.005 - Messaging Applications
Link to MITRE →

Volt Typhoon

Score: 52.83
Matched TTPs:
  • T1584.008 - Network Devices
  • T1497.001 - System Checks
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1112 - Modify Registry
  • T1590.006 - Network Security Appliances
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1078.002 - Domain Accounts
  • T1591.004 - Identify Roles
  • T1070.004 - File Deletion
  • T1584.004 - Server
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
Link to MITRE →

APT28

Score: 48.56
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1557.004 - Evil Twin
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1598 - Phishing for Information
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion
Link to MITRE →

ZIRCONIUM

Score: 15.75
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1583.006 - Web Services
  • T1012 - Query Registry
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Leviathan

Score: 23.99
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Mustard Tempest

Score: 11.78
Matched TTPs:
  • T1583.008 - Malvertising
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1584.001 - Domains
Link to MITRE →

MuddyWater

Score: 18.34
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Threat Group-3390

Score: 24.40
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1112 - Modify Registry
  • T1210 - Exploitation of Remote Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

OilRig

Score: 46.44
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1497.001 - System Checks
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1012 - Query Registry
  • T1078.002 - Domain Accounts
  • T1555.004 - Windows Credential Manager
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Leafminer

Score: 3.68
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1588.002 - Tool
Link to MITRE →

APT33

Score: 11.66
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

APT29

Score: 32.52
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1586.003 - Cloud Accounts
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1649 - Steal or Forge Authentication Certificates
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1078.003 - Local Accounts
Link to MITRE →

menuPass

Score: 14.23
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Dragonfly

Score: 31.93
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Ke3chang

Score: 17.02
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1105 - Ingress Tool Transfer
Link to MITRE →

FIN13

Score: 23.85
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1078.001 - Default Accounts
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1556 - Modify Authentication Process
Link to MITRE →

Moonstone Sleet

Score: 21.60
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1587 - Develop Capabilities
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Lazarus Group

Score: 47.67
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1070 - Indicator Removal
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1001.003 - Protocol or Service Impersonation
  • T1012 - Query Registry
  • T1070.004 - File Deletion
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1529 - System Shutdown/Reboot
Link to MITRE →

UNC3886

Score: 29.39
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1078.001 - Default Accounts
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1212 - Exploitation for Credential Access
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1008 - Fallback Channels
Link to MITRE →

LuminousMoth

Score: 9.98
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Salt Typhoon

Score: 18.58
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1588.002 - Tool
  • T1136 - Create Account
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Play

Score: 20.37
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

RedCurl

Score: 20.68
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1102 - Web Service
  • T1199 - Trusted Relationship
  • T1056.002 - GUI Input Capture
  • T1573.002 - Asymmetric Cryptography
  • T1537 - Transfer Data to Cloud Account
  • T1070.004 - File Deletion
Link to MITRE →

Moses Staff

Score: 6.40
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Turla

Score: 34.95
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1012 - Query Registry
  • T1518.001 - Security Software Discovery
  • T1555.004 - Windows Credential Manager
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

Mustang Panda

Score: 56.47
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1001.003 - Protocol or Service Impersonation
  • T1070.004 - File Deletion
  • T1518 - Software Discovery
  • T1622 - Debugger Evasion
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

TeamTNT

Score: 16.17
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

FIN7

Score: 31.70
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1497.002 - User Activity Based Checks
  • T1591 - Gather Victim Org Information
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
  • T1008 - Fallback Channels
  • T1078.003 - Local Accounts
Link to MITRE →

Evilnum

Score: 5.60
Matched TTPs:
  • T1497.001 - System Checks
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Darkhotel

Score: 15.30
Matched TTPs:
  • T1497.001 - System Checks
  • T1082 - System Information Discovery
  • T1497 - Virtualization/Sandbox Evasion
  • T1497.002 - User Activity Based Checks
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Gamaredon Group

Score: 29.39
Matched TTPs:
  • T1497.001 - System Checks
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1012 - Query Registry
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Sidewinder

Score: 12.71
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1598.002 - Spearphishing Attachment
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Scattered Spider

Score: 43.10
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1087 - Account Discovery
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1136 - Create Account
  • T1538 - Cloud Service Dashboard
  • T1105 - Ingress Tool Transfer
  • T1213.005 - Messaging Applications
Link to MITRE →

Silent Librarian

Score: 4.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1588.002 - Tool
  • T1078 - Valid Accounts
Link to MITRE →

APT32

Score: 25.59
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1112 - Modify Registry
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1012 - Query Registry
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1078.003 - Local Accounts
Link to MITRE →

Magic Hound

Score: 50.67
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1562 - Impair Defenses
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1112 - Modify Registry
  • T1078.001 - Default Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service
  • T1584.001 - Domains
Link to MITRE →

CURIUM

Score: 9.81
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Patchwork

Score: 13.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

HAFNIUM

Score: 25.52
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1593.003 - Code Repositories
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

APT5

Score: 16.74
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1562.006 - Indicator Blocking
  • T1070 - Indicator Removal
  • T1078.002 - Domain Accounts
  • T1070.004 - File Deletion
Link to MITRE →

BRONZE BUTLER

Score: 13.36
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1070.004 - File Deletion
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Aquatic Panda

Score: 24.70
Matched TTPs:
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
  • T1021 - Remote Services
  • T1112 - Modify Registry
  • T1087 - Account Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Chimera

Score: 27.61
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1110.004 - Credential Stuffing
  • T1589.001 - Credentials
  • T1012 - Query Registry
  • T1078.002 - Domain Accounts
  • T1556.001 - Domain Controller Authentication
  • T1070.004 - File Deletion
  • T1111 - Multi-Factor Authentication Interception
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Earth Lusca

Score: 22.32
Matched TTPs:
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1584.004 - Server
Link to MITRE →

admin@338

Score: 3.73
Matched TTPs:
  • T1007 - System Service Discovery
  • T1082 - System Information Discovery
Link to MITRE →

APT1

Score: 9.12
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1584.001 - Domains
Link to MITRE →

Velvet Ant

Score: 14.38
Matched TTPs:
  • T1040 - Network Sniffing
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
  • T1078.003 - Local Accounts
  • T1211 - Exploitation for Defense Evasion
Link to MITRE →

DarkVishnya

Score: 8.42
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1200 - Hardware Additions
Link to MITRE →

Windigo

Score: 3.95
Matched TTPs:
  • T1082 - System Information Discovery
  • T1518 - Software Discovery
Link to MITRE →

BlackByte

Score: 26.26
Matched TTPs:
  • T1082 - System Information Discovery
  • T1562 - Impair Defenses
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1491.001 - Internal Defacement
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT41

Score: 33.33
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1562.006 - Indicator Blocking
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1656 - Impersonation
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1480.001 - Environmental Keying
  • T1008 - Fallback Channels
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Blue Mockingbird

Score: 9.89
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1574.012 - COR_PROFILER
Link to MITRE →

HEXANE

Score: 20.39
Matched TTPs:
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TA2541

Score: 15.72
Matched TTPs:
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Rocke

Score: 14.34
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

APT37

Score: 5.60
Matched TTPs:
  • T1082 - System Information Discovery
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot
Link to MITRE →

Inception

Score: 7.32
Matched TTPs:
  • T1082 - System Information Discovery
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1518 - Software Discovery
Link to MITRE →

Higaisa

Score: 5.05
Matched TTPs:
  • T1082 - System Information Discovery
  • T1001.003 - Protocol or Service Impersonation
Link to MITRE →

Malteiro

Score: 5.63
Matched TTPs:
  • T1082 - System Information Discovery
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
Link to MITRE →

APT38

Score: 13.36
Matched TTPs:
  • T1082 - System Information Discovery
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot
Link to MITRE →

APT3

Score: 9.27
Matched TTPs:
  • T1082 - System Information Discovery
  • T1078.002 - Domain Accounts
  • T1036.010 - Masquerade Account Name
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Daggerfly

Score: 7.05
Matched TTPs:
  • T1082 - System Information Discovery
  • T1012 - Query Registry
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Storm-0501

Score: 10.94
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

APT42

Score: 23.30
Matched TTPs:
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1656 - Impersonation
  • T1518.001 - Security Software Discovery
  • T1111 - Multi-Factor Authentication Interception
Link to MITRE →

SideCopy

Score: 15.51
Matched TTPs:
  • T1082 - System Information Discovery
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1584.001 - Domains
Link to MITRE →

APT19

Score: 3.88
Matched TTPs:
  • T1082 - System Information Discovery
  • T1112 - Modify Registry
  • T1588.002 - Tool
Link to MITRE →

APT18

Score: 4.79
Matched TTPs:
  • T1082 - System Information Discovery
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
Link to MITRE →

FIN8

Score: 17.38
Matched TTPs:
  • T1082 - System Information Discovery
  • T1112 - Modify Registry
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Tropic Trooper

Score: 13.42
Matched TTPs:
  • T1082 - System Information Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

Winter Vivern

Score: 11.61
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Wizard Spider

Score: 26.41
Matched TTPs:
  • T1082 - System Information Discovery
  • T1021 - Remote Services
  • T1112 - Modify Registry
  • T1210 - Exploitation of Remote Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1555.004 - Windows Credential Manager
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Windshift

Score: 9.15
Matched TTPs:
  • T1082 - System Information Discovery
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
Link to MITRE →

Medusa Group

Score: 32.21
Matched TTPs:
  • T1082 - System Information Discovery
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1112 - Modify Registry
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1650 - Acquire Access
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer
  • T1529 - System Shutdown/Reboot
Link to MITRE →

Stealth Falcon

Score: 7.06
Matched TTPs:
  • T1082 - System Information Discovery
  • T1012 - Query Registry
  • T1555.004 - Windows Credential Manager
Link to MITRE →

IndigoZebra

Score: 6.30
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

LazyScripter

Score: 9.74
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TA505

Score: 11.97
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078.002 - Domain Accounts
  • T1105 - Ingress Tool Transfer
Link to MITRE →

BITTER

Score: 3.60
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Saint Bear

Score: 14.49
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1497 - Virtualization/Sandbox Evasion
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1656 - Impersonation

EXOTIC LILY

Score: 10.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

BackdoorDiplomacy

Score: 5.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

GOLD SOUTHFIELD

Score: 7.50
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566 - Phishing

Fox Kitten

Score: 15.02
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1105 - Ingress Tool Transfer
  • T1213.005 - Messaging Applications

Cinnamon Tempest

Score: 9.33
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1078.002 - Domain Accounts
  • T1105 - Ingress Tool Transfer

ToddyCat

Score: 8.18
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 4.52
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 17.35
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1537 - Transfer Data to Cloud Account
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer

Axiom

Score: 9.80
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1078 - Valid Accounts

APT39

Score: 8.14
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1012 - Query Registry
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

Silence

Score: 6.26
Matched TTPs:
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer

Lotus Blossom

Score: 4.91
Matched TTPs:
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1012 - Query Registry

Gorgon Group

Score: 5.25
Matched TTPs:
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1105 - Ingress Tool Transfer

Metador

Score: 5.47
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer

Andariel

Score: 7.08
Matched TTPs:
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1105 - Ingress Tool Transfer

Equation

Score: 8.67
Matched TTPs:
  • T1542.002 - Component Firmware
  • T1480.001 - Environmental Keying

FIN6

Score: 15.99
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1070.004 - File Deletion
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Akira

Score: 9.88
Matched TTPs:
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1531 - Account Access Removal

POLONIUM

Score: 7.03
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1588.002 - Tool
  • T1078 - Valid Accounts

Tonto Team

Score: 3.52
Matched TTPs:
  • T1210 - Exploitation of Remote Services
  • T1105 - Ingress Tool Transfer

FIN4

Score: 5.56
Matched TTPs:
  • T1056.002 - GUI Input Capture
  • T1078 - Valid Accounts

Storm-1811

Score: 15.34
Matched TTPs:
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1656 - Impersonation
  • T1036.010 - Masquerade Account Name
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 7.65
Matched TTPs:
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion
  • T1105 - Ingress Tool Transfer

FIN5

Score: 3.65
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion

Thrip

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN10

Score: 6.32
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1070.004 - File Deletion
  • T1078.003 - Local Accounts

Naikon

Score: 4.19
Matched TTPs:
  • T1078.002 - Domain Accounts
  • T1518.001 - Security Software Discovery

The White Company

Score: 3.28
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1070.004 - File Deletion

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Transparent Tribe

Score: 3.29
Matched TTPs:
  • T1584.001 - Domains

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.81
Matched TTPs:
  • T1040 - Network Sniffing
  • T1012 - Query Registry
  • T1082 - System Information Discovery
  • T1656 - Impersonation
  • T1518.001 - Security Software Discovery
  • T1657 - Financial Theft
  • T1593 - Search Open Websites/Domains
  • T1584.001 - Domains
  • T1102.001 - Dead Drop Resolver
  • T1583 - Acquire Infrastructure
  • T1078.003 - Local Accounts
  • T1007 - System Service Discovery
  • T1112 - Modify Registry
  • T1587.001 - Malware
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1562.001 - Disable or Modify Tools
  • T1608.001 - Upload Malware
  • T1111 - Multi-Factor Authentication Interception
  • T1587 - Develop Capabilities
  • T1566 - Phishing
  • T1591 - Gather Victim Org Information
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1534 - Internal Spearphishing
  • T1598 - Phishing for Information
  • T1598.003 - Spearphishing Link
  • T1593.001 - Social Media
  • T1588.005 - Exploits

Sandworm Team

Score: 0.65
Matched TTPs:
  • T1040 - Network Sniffing
  • T1082 - System Information Discovery
  • T1593 - Search Open Websites/Domains
  • T1195 - Supply Chain Compromise
  • T1583 - Acquire Infrastructure
  • T1592.002 - Software
  • T1199 - Trusted Relationship
  • T1584.004 - Server
  • T1587.001 - Malware
  • T1078.002 - Domain Accounts
  • T1499 - Endpoint Denial of Service
  • T1584.005 - Botnet
  • T1105 - Ingress Tool Transfer
  • T1608.001 - Upload Malware
  • T1591.002 - Business Relationships
  • T1586.001 - Social Media Accounts
  • T1491.002 - External Defacement
  • T1078 - Valid Accounts
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1598.003 - Spearphishing Link

Contagious Interview

Score: 0.64
Matched TTPs:
  • T1593.003 - Code Repositories
  • T1082 - System Information Discovery
  • T1656 - Impersonation
  • T1657 - Financial Theft
  • T1566.003 - Spearphishing via Service
  • T1593 - Search Open Websites/Domains
  • T1583 - Acquire Infrastructure
  • T1497 - Virtualization/Sandbox Evasion
  • T1681 - Search Threat Vendor Data
  • T1587.001 - Malware
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1608.001 - Upload Malware
  • T1587 - Develop Capabilities
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1588.007 - Artificial Intelligence
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1589 - Gather Victim Identity Information
  • T1204.004 - Malicious Copy and Paste
  • T1593.001 - Social Media

LAPSUS$

Score: 0.63
Matched TTPs:
  • T1593.003 - Code Repositories
  • T1598.004 - Spearphishing Voice
  • T1591.004 - Identify Roles
  • T1588.002 - Tool
  • T1588.001 - Malware
  • T1591.002 - Business Relationships
  • T1589 - Gather Victim Identity Information
  • T1111 - Multi-Factor Authentication Interception
  • T1199 - Trusted Relationship
  • T1597.002 - Purchase Technical Data
  • T1531 - Account Access Removal
  • T1656 - Impersonation
  • T1078 - Valid Accounts
  • T1213.005 - Messaging Applications
  • T1552.008 - Chat Messages
  • T1586.002 - Email Accounts
  • T1589.001 - Credentials

Mustang Panda

Score: 0.61
Matched TTPs:
  • T1176.002 - IDE Extensions
  • T1070 - Indicator Removal
  • T1102 - Web Service
  • T1082 - System Information Discovery
  • T1593 - Search Open Websites/Domains
  • T1518 - Software Discovery
  • T1608 - Stage Capabilities
  • T1678 - Delay Execution
  • T1027.007 - Dynamic API Resolution
  • T1622 - Debugger Evasion
  • T1587.001 - Malware
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1608.001 - Upload Malware
  • T1586.002 - Email Accounts
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1598.003 - Spearphishing Link
  • T1001.003 - Protocol or Service Impersonation

Volt Typhoon

Score: 0.58
Matched TTPs:
  • T1591.004 - Identify Roles
  • T1596.005 - Scan Databases
  • T1012 - Query Registry
  • T1593 - Search Open Websites/Domains
  • T1518 - Software Discovery
  • T1497.001 - System Checks
  • T1584.004 - Server
  • T1007 - System Service Discovery
  • T1112 - Modify Registry
  • T1078.002 - Domain Accounts
  • T1584.005 - Botnet
  • T1105 - Ingress Tool Transfer
  • T1078 - Valid Accounts
  • T1591 - Gather Victim Org Information
  • T1584.008 - Network Devices
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1589 - Gather Victim Identity Information
  • T1590.006 - Network Security Appliances

Magic Hound

Score: 0.56
Matched TTPs:
  • T1591.001 - Determine Physical Locations
  • T1082 - System Information Discovery
  • T1566.003 - Spearphishing via Service
  • T1584.001 - Domains
  • T1078.001 - Default Accounts
  • T1036.010 - Masquerade Account Name
  • T1592.002 - Software
  • T1562 - Impair Defenses
  • T1112 - Modify Registry
  • T1078.002 - Domain Accounts
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1562.001 - Disable or Modify Tools
  • T1586.002 - Email Accounts
  • T1589.001 - Credentials
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion
  • T1588.002 - Tool
  • T1589 - Gather Victim Identity Information
  • T1598.003 - Spearphishing Link

APT28

Score: 0.56
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1557.004 - Evil Twin
  • T1669 - Wi-Fi Networks
  • T1070.004 - File Deletion
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1040 - Network Sniffing
  • T1211 - Exploitation for Defense Evasion
  • T1598.003 - Spearphishing Link
  • T1210 - Exploitation of Remote Services
  • T1199 - Trusted Relationship
  • T1078 - Valid Accounts
  • T1586.002 - Email Accounts
  • T1584.008 - Network Devices
  • T1589.001 - Credentials

Related CVEs

No CVEs were found for this Pulse.

Pulse – Threat Actor Graph

