TA17-117A Intrusions Affecting Multiple Victims Across Multiple Sectors
Overview
US-CERT IR-ALERT-MED-17-093-0, TA17-117A
The National Cybersecurity and Communications Integration Center (NCCIC) has become aware
of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple
malware implants. Initial victims have been identified in several sectors, including information
technology, energy, healthcare and public health, communications, and critical manufacturing.
According to preliminary analysis, threat actors appear to be leveraging stolen administrative
credentials (local and domain) and certificates, along with placing sophisticated malware
implants on critical systems. Some of the campaign victims have been IT service providers,
where credential compromises could potentially be leveraged to access customer environments.
Depending on the defensive mitigations in place, the threat actor could possibly gain full access
to networks and data in a way that appears legitimate to existing monitoring tools.
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 86.92
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1007 - System Service Discovery
- T1040 - Network Sniffing
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1596 - Search Open Technical Databases
- T1112 - Modify Registry
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1534 - Internal Spearphishing
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1598 - Phishing for Information
- T1070.004 - File Deletion
- T1111 - Multi-Factor Authentication Interception
- T1105 - Ingress Tool Transfer
- T1587 - Develop Capabilities
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
- T1584.001 - Domains
- T1078.003 - Local Accounts
Link to MITRE →
Score: 21.10
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1190 - Exploit Public-Facing Application
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1584.002 - DNS Server
- T1078.003 - Local Accounts
Link to MITRE →
Score: 38.38
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1021 - Remote Services
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1078.001 - Default Accounts
- T1588.001 - Malware
- T1210 - Exploitation of Remote Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1588.005 - Exploits
Link to MITRE →
Score: 28.53
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1112 - Modify Registry
- T1590 - Gather Victim Network Information
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1136 - Create Account
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 8.59
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1190 - Exploit Public-Facing Application
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
Link to MITRE →
Score: 59.98
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1497 - Virtualization/Sandbox Evasion
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1593.001 - Social Media
- T1656 - Impersonation
- T1070.004 - File Deletion
- T1204.004 - Malicious Copy and Paste
- T1587 - Develop Capabilities
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 65.30
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1586.001 - Social Media Accounts
- T1598.003 - Spearphishing Link
- T1040 - Network Sniffing
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1591.002 - Business Relationships
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1592.002 - Software
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1078.002 - Domain Accounts
- T1499 - Endpoint Denial of Service
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 22.24
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1598.003 - Spearphishing Link
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
Link to MITRE →
Score: 63.64
Matched TTPs:
- T1597.002 - Purchase Technical Data
- T1586.002 - Email Accounts
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
- T1588.001 - Malware
- T1621 - Multi-Factor Authentication Request Generation
- T1552.008 - Chat Messages
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1531 - Account Access Removal
- T1589.001 - Credentials
- T1584.002 - DNS Server
- T1656 - Impersonation
- T1591.004 - Identify Roles
- T1111 - Multi-Factor Authentication Interception
- T1213.005 - Messaging Applications
Link to MITRE →
Score: 64.65
Matched TTPs:
- T1584.008 - Network Devices
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1590.004 - Network Topology
- T1584.003 - Virtual Private Server
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1590.006 - Network Security Appliances
- T1584.005 - Botnet
- T1591 - Gather Victim Org Information
- T1590 - Gather Victim Network Information
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1591.004 - Identify Roles
- T1070.004 - File Deletion
- T1584.004 - Server
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
Link to MITRE →
Score: 59.17
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1040 - Network Sniffing
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1557.004 - Evil Twin
- T1595.002 - Vulnerability Scanning
- T1596 - Search Open Technical Databases
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1598 - Phishing for Information
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1669 - Wi-Fi Networks
- T1211 - Exploitation for Defense Evasion
Link to MITRE →
Score: 18.15
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1583.006 - Web Services
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1598 - Phishing for Information
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 32.20
Matched TTPs:
- T1584.008 - Network Devices
- T1586.001 - Social Media Accounts
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1078 - Valid Accounts
- T1589.001 - Credentials
- T1203 - Exploitation for Client Execution
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 11.78
Matched TTPs:
- T1583.008 - Malvertising
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1105 - Ingress Tool Transfer
- T1584.001 - Domains
Link to MITRE →
Score: 23.85
Matched TTPs:
- T1587.001 - Malware
- T1590.004 - Network Topology
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1078.001 - Default Accounts
- T1657 - Financial Theft
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 21.60
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1105 - Ingress Tool Transfer
- T1587 - Develop Capabilities
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 51.56
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1070 - Indicator Removal
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
- T1008 - Fallback Channels
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 45.10
Matched TTPs:
- T1587.001 - Malware
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1112 - Modify Registry
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1555.004 - Windows Credential Manager
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1008 - Fallback Channels
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 30.89
Matched TTPs:
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1190 - Exploit Public-Facing Application
- T1078.001 - Default Accounts
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1212 - Exploitation for Credential Access
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1008 - Fallback Channels
Link to MITRE →
Score: 9.98
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 22.42
Matched TTPs:
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1590.004 - Network Topology
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1588.002 - Tool
- T1136 - Create Account
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 37.62
Matched TTPs:
- T1587.001 - Malware
- T1586.003 - Cloud Accounts
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1649 - Steal or Forge Authentication Certificates
- T1583.006 - Web Services
- T1621 - Multi-Factor Authentication Request Generation
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
- T1078.003 - Local Accounts
Link to MITRE →
Score: 20.37
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 4.44
Matched TTPs:
- T1587.001 - Malware
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 20.68
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1102 - Web Service
- T1199 - Trusted Relationship
- T1056.002 - GUI Input Capture
- T1573.002 - Asymmetric Cryptography
- T1537 - Transfer Data to Cloud Account
- T1070.004 - File Deletion
Link to MITRE →
Score: 6.40
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 41.48
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1584.003 - Virtual Private Server
- T1112 - Modify Registry
- T1588.001 - Malware
- T1102 - Web Service
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1584.006 - Web Services
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 14.19
Matched TTPs:
- T1587.001 - Malware
- T1583.005 - Botnet
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 57.96
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1176.002 - IDE Extensions
- T1070 - Indicator Removal
- T1102 - Web Service
- T1608 - Stage Capabilities
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1678 - Delay Execution
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1622 - Debugger Evasion
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 18.77
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1595.002 - Vulnerability Scanning
- T1102 - Web Service
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 34.10
Matched TTPs:
- T1587.001 - Malware
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1583.006 - Web Services
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1105 - Ingress Tool Transfer
- T1008 - Fallback Channels
- T1078.003 - Local Accounts
Link to MITRE →
Score: 47.23
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1588.001 - Malware
- T1657 - Financial Theft
- T1621 - Multi-Factor Authentication Request Generation
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1656 - Impersonation
- T1598 - Phishing for Information
- T1136 - Create Account
- T1538 - Cloud Service Dashboard
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Link to MITRE →
Score: 18.00
Matched TTPs:
- T1484.002 - Trust Modification
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1482 - Domain Trust Discovery
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
- T1537 - Transfer Data to Cloud Account
Link to MITRE →
Score: 5.60
Matched TTPs:
- T1497.001 - System Checks
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 16.79
Matched TTPs:
- T1497.001 - System Checks
- T1082 - System Information Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1497.002 - User Activity Based Checks
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 35.92
Matched TTPs:
- T1497.001 - System Checks
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1102 - Web Service
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 14.20
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1598.002 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 4.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1588.002 - Tool
- T1078 - Valid Accounts
Link to MITRE →
Score: 27.08
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1102 - Web Service
- T1583.006 - Web Services
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1078.003 - Local Accounts
Link to MITRE →
Score: 58.59
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1562 - Impair Defenses
- T1586.002 - Email Accounts
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1078.001 - Default Accounts
- T1482 - Domain Trust Discovery
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1592.002 - Software
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1078.002 - Domain Accounts
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1591.001 - Determine Physical Locations
- T1566.003 - Spearphishing via Service
- T1584.001 - Domains
Link to MITRE →
Score: 9.81
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1584.006 - Web Services
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 33.18
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1591.002 - Business Relationships
- T1598.002 - Spearphishing Attachment
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 15.18
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 29.37
Matched TTPs:
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1593.003 - Code Repositories
- T1592.004 - Client Configurations
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1590 - Gather Victim Network Information
- T1199 - Trusted Relationship
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 16.74
Matched TTPs:
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1562.006 - Indicator Blocking
- T1070 - Indicator Removal
- T1078.002 - Domain Accounts
- T1070.004 - File Deletion
Link to MITRE →
Score: 14.85
Matched TTPs:
- T1007 - System Service Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 23.44
Matched TTPs:
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1021 - Remote Services
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 30.54
Matched TTPs:
- T1007 - System Service Discovery
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1110.004 - Credential Stuffing
- T1589.001 - Credentials
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1556.001 - Domain Controller Authentication
- T1070.004 - File Deletion
- T1111 - Multi-Factor Authentication Interception
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 27.84
Matched TTPs:
- T1007 - System Service Discovery
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1588.001 - Malware
- T1583.006 - Web Services
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1584.006 - Web Services
- T1584.004 - Server
Link to MITRE →
Score: 5.22
Matched TTPs:
- T1007 - System Service Discovery
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 9.12
Matched TTPs:
- T1007 - System Service Discovery
- T1588.001 - Malware
- T1588.002 - Tool
- T1584.001 - Domains
Link to MITRE →
Score: 14.38
Matched TTPs:
- T1040 - Network Sniffing
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
- T1078.003 - Local Accounts
- T1211 - Exploitation for Defense Evasion
Link to MITRE →
Score: 10.32
Matched TTPs:
- T1040 - Network Sniffing
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 8.42
Matched TTPs:
- T1040 - Network Sniffing
- T1588.002 - Tool
- T1200 - Hardware Additions
Link to MITRE →
Score: 3.95
Matched TTPs:
- T1082 - System Information Discovery
- T1518 - Software Discovery
Link to MITRE →
Score: 29.18
Matched TTPs:
- T1082 - System Information Discovery
- T1562 - Impair Defenses
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1491.001 - Internal Defacement
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 37.41
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1562.006 - Indicator Blocking
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1656 - Impersonation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
- T1480.001 - Environmental Keying
- T1008 - Fallback Channels
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 9.89
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1588.002 - Tool
- T1574.012 - COR_PROFILER
Link to MITRE →
Score: 22.79
Matched TTPs:
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 15.72
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 14.34
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1102 - Web Service
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1102.001 - Dead Drop Resolver
Link to MITRE →
Score: 9.50
Matched TTPs:
- T1082 - System Information Discovery
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 8.82
Matched TTPs:
- T1082 - System Information Discovery
- T1102 - Web Service
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Link to MITRE →
Score: 6.54
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
Link to MITRE →
Score: 5.63
Matched TTPs:
- T1082 - System Information Discovery
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
Link to MITRE →
Score: 13.36
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 19.39
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1583.006 - Web Services
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 10.77
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1078.002 - Domain Accounts
- T1036.010 - Masquerade Account Name
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 7.05
Matched TTPs:
- T1082 - System Information Discovery
- T1012 - Query Registry
- T1584.004 - Server
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 23.30
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1070 - Indicator Removal
- T1102 - Web Service
- T1588.002 - Tool
- T1573.002 - Asymmetric Cryptography
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1111 - Multi-Factor Authentication Interception
Link to MITRE →
Score: 15.51
Matched TTPs:
- T1082 - System Information Discovery
- T1608.001 - Upload Malware
- T1598.002 - Spearphishing Attachment
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1584.001 - Domains
Link to MITRE →
Score: 3.88
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1588.002 - Tool
Link to MITRE →
Score: 4.79
Matched TTPs:
- T1082 - System Information Discovery
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 20.31
Matched TTPs:
- T1082 - System Information Discovery
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1102 - Web Service
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 14.91
Matched TTPs:
- T1082 - System Information Discovery
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1078.003 - Local Accounts
Link to MITRE →
Score: 14.20
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1056.003 - Web Portal Capture
- T1584.006 - Web Services
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 26.41
Matched TTPs:
- T1082 - System Information Discovery
- T1021 - Remote Services
- T1112 - Modify Registry
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →
Score: 9.15
Matched TTPs:
- T1082 - System Information Discovery
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 32.21
Matched TTPs:
- T1082 - System Information Discovery
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1650 - Acquire Access
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
Link to MITRE →
Score: 7.06
Matched TTPs:
- T1082 - System Information Discovery
- T1012 - Query Registry
- T1555.004 - Windows Credential Manager
Link to MITRE →
Score: 6.30
Matched TTPs:
- T1586.002 - Email Accounts
- T1583.006 - Web Services
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 9.74
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1102 - Web Service
- T1583.006 - Web Services
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 23.06
Matched TTPs:
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 11.97
Matched TTPs:
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078.002 - Domain Accounts
- T1105 - Ingress Tool Transfer
Link to MITRE →
Score: 5.09
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 15.98
Matched TTPs:
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1497 - Virtualization/Sandbox Evasion
- T1583.006 - Web Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1656 - Impersonation
Score: 16.90
Matched TTPs:
- T1608.001 - Upload Malware
- T1102 - Web Service
- T1597 - Search Closed Sources
- T1593.001 - Social Media
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 5.55
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.001 - Malware
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 7.50
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1199 - Trusted Relationship
- T1566 - Phishing
Score: 3.81
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
Score: 15.02
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1102 - Web Service
- T1210 - Exploitation of Remote Services
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Score: 9.33
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1078.002 - Domain Accounts
- T1105 - Ingress Tool Transfer
Score: 11.39
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 8.18
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
- T1566.003 - Spearphishing via Service
Score: 4.52
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1105 - Ingress Tool Transfer
Score: 4.84
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1105 - Ingress Tool Transfer
Score: 17.35
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1537 - Transfer Data to Cloud Account
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 11.29
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1584.005 - Botnet
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
Score: 10.53
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 4.54
Matched TTPs:
- T1659 - Content Injection
Score: 6.26
Matched TTPs:
- T1112 - Modify Registry
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 7.84
Matched TTPs:
- T1112 - Modify Registry
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1012 - Query Registry
Score: 5.25
Matched TTPs:
- T1112 - Modify Registry
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1105 - Ingress Tool Transfer
Score: 12.81
Matched TTPs:
- T1482 - Domain Trust Discovery
- T1657 - Financial Theft
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1531 - Account Access Removal
Score: 18.27
Matched TTPs:
- T1482 - Domain Trust Discovery
- T1588.002 - Tool
- T1566.004 - Spearphishing Voice
- T1656 - Impersonation
- T1036.010 - Masquerade Account Name
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 5.47
Matched TTPs:
- T1588.001 - Malware
- T1588.002 - Tool
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 8.57
Matched TTPs:
- T1588.001 - Malware
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 8.67
Matched TTPs:
- T1542.002 - Component Firmware
- T1480.001 - Environmental Keying
Score: 15.99
Matched TTPs:
- T1102 - Web Service
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1573.002 - Asymmetric Cryptography
- T1070.004 - File Deletion
- T1566.003 - Spearphishing via Service
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 5.81
Matched TTPs:
- T1657 - Financial Theft
- T1566 - Phishing
Score: 4.28
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 9.43
Matched TTPs:
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
Score: 5.02
Matched TTPs:
- T1210 - Exploitation of Remote Services
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
Score: 5.56
Matched TTPs:
- T1056.002 - GUI Input Capture
- T1078 - Valid Accounts
Score: 9.15
Matched TTPs:
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 3.65
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
Score: 3.60
Matched TTPs:
- T1588.002 - Tool
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.32
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1070.004 - File Deletion
- T1078.003 - Local Accounts
Score: 4.67
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
Score: 3.89
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 4.77
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
Score: 4.78
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1584.001 - Domains
Score: 4.19
Matched TTPs:
- T1078.002 - Domain Accounts
- T1518.001 - Security Software Discovery
Score: 3.30
Matched TTPs:
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.82
Matched TTPs:
- T1588.002 - Tool
- T1596 - Search Open Technical Databases
- T1608.001 - Upload Malware
- T1082 - System Information Discovery
- T1111 - Multi-Factor Authentication Interception
- T1586.002 - Email Accounts
- T1657 - Financial Theft
- T1102.001 - Dead Drop Resolver
- T1518.001 - Security Software Discovery
- T1102.002 - Bidirectional Communication
- T1112 - Modify Registry
- T1588.005 - Exploits
- T1012 - Query Registry
- T1078.003 - Local Accounts
- T1562.001 - Disable or Modify Tools
- T1190 - Exploit Public-Facing Application
- T1593 - Search Open Websites/Domains
- T1070.004 - File Deletion
- T1598.003 - Spearphishing Link
- T1040 - Network Sniffing
- T1105 - Ingress Tool Transfer
- T1598 - Phishing for Information
- T1534 - Internal Spearphishing
- T1591 - Gather Victim Org Information
- T1583.006 - Web Services
- T1583 - Acquire Infrastructure
- T1584.001 - Domains
- T1593.001 - Social Media
- T1587 - Develop Capabilities
- T1007 - System Service Discovery
- T1587.001 - Malware
- T1656 - Impersonation
- T1566 - Phishing
Score: 0.67
Matched TTPs:
- T1588.002 - Tool
- T1195 - Supply Chain Compromise
- T1608.001 - Upload Malware
- T1082 - System Information Discovery
- T1586.001 - Social Media Accounts
- T1491.002 - External Defacement
- T1102.002 - Bidirectional Communication
- T1499 - Endpoint Denial of Service
- T1199 - Trusted Relationship
- T1190 - Exploit Public-Facing Application
- T1078.002 - Domain Accounts
- T1593 - Search Open Websites/Domains
- T1070.004 - File Deletion
- T1598.003 - Spearphishing Link
- T1203 - Exploitation for Client Execution
- T1040 - Network Sniffing
- T1584.005 - Botnet
- T1105 - Ingress Tool Transfer
- T1591.002 - Business Relationships
- T1595.002 - Vulnerability Scanning
- T1583 - Acquire Infrastructure
- T1584.004 - Server
- T1587.001 - Malware
- T1592.002 - Software
- T1078 - Valid Accounts
Score: 0.66
Matched TTPs:
- T1588.002 - Tool
- T1213.005 - Messaging Applications
- T1621 - Multi-Factor Authentication Request Generation
- T1588.001 - Malware
- T1111 - Multi-Factor Authentication Interception
- T1586.002 - Email Accounts
- T1598.004 - Spearphishing Voice
- T1199 - Trusted Relationship
- T1593.003 - Code Repositories
- T1591.004 - Identify Roles
- T1584.002 - DNS Server
- T1591.002 - Business Relationships
- T1552.008 - Chat Messages
- T1531 - Account Access Removal
- T1589 - Gather Victim Identity Information
- T1589.001 - Credentials
- T1597.002 - Purchase Technical Data
- T1656 - Impersonation
- T1078 - Valid Accounts
Score: 0.65
Matched TTPs:
- T1588.002 - Tool
- T1590.004 - Network Topology
- T1112 - Modify Registry
- T1584.003 - Virtual Private Server
- T1012 - Query Registry
- T1497.001 - System Checks
- T1190 - Exploit Public-Facing Application
- T1591.004 - Identify Roles
- T1078.002 - Domain Accounts
- T1593 - Search Open Websites/Domains
- T1070.004 - File Deletion
- T1518 - Software Discovery
- T1584.005 - Botnet
- T1105 - Ingress Tool Transfer
- T1591 - Gather Victim Org Information
- T1584.008 - Network Devices
- T1590 - Gather Victim Network Information
- T1596.005 - Scan Databases
- T1589 - Gather Victim Identity Information
- T1590.006 - Network Security Appliances
- T1584.004 - Server
- T1007 - System Service Discovery
- T1078 - Valid Accounts
Score: 0.62
Matched TTPs:
- T1588.002 - Tool
- T1596 - Search Open Technical Databases
- T1586.002 - Email Accounts
- T1102.002 - Bidirectional Communication
- T1199 - Trusted Relationship
- T1190 - Exploit Public-Facing Application
- T1070.004 - File Deletion
- T1211 - Exploitation for Defense Evasion
- T1598.003 - Spearphishing Link
- T1203 - Exploitation for Client Execution
- T1040 - Network Sniffing
- T1105 - Ingress Tool Transfer
- T1598 - Phishing for Information
- T1595.002 - Vulnerability Scanning
- T1591 - Gather Victim Org Information
- T1557.004 - Evil Twin
- T1584.008 - Network Devices
- T1583.006 - Web Services
- T1669 - Wi-Fi Networks
- T1210 - Exploitation of Remote Services
- T1589.001 - Credentials
- T1078 - Valid Accounts
Score: 0.61
Matched TTPs:
- T1588.002 - Tool
- T1591.001 - Determine Physical Locations
- T1482 - Domain Trust Discovery
- T1082 - System Information Discovery
- T1566.003 - Spearphishing via Service
- T1586.002 - Email Accounts
- T1102.002 - Bidirectional Communication
- T1112 - Modify Registry
- T1562.001 - Disable or Modify Tools
- T1190 - Exploit Public-Facing Application
- T1078.002 - Domain Accounts
- T1078.001 - Default Accounts
- T1070.004 - File Deletion
- T1598.003 - Spearphishing Link
- T1105 - Ingress Tool Transfer
- T1595.002 - Vulnerability Scanning
- T1583.006 - Web Services
- T1589 - Gather Victim Identity Information
- T1584.001 - Domains
- T1562 - Impair Defenses
- T1589.001 - Credentials
- T1036.010 - Masquerade Account Name
- T1592.002 - Software
Score: 0.60
Matched TTPs:
- T1588.002 - Tool
- T1681 - Search Threat Vendor Data
- T1204.004 - Malicious Copy and Paste
- T1608.001 - Upload Malware
- T1082 - System Information Discovery
- T1566.003 - Spearphishing via Service
- T1657 - Financial Theft
- T1593.003 - Code Repositories
- T1562.001 - Disable or Modify Tools
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1593 - Search Open Websites/Domains
- T1070.004 - File Deletion
- T1588.007 - Artificial Intelligence
- T1583.006 - Web Services
- T1583 - Acquire Infrastructure
- T1497 - Virtualization/Sandbox Evasion
- T1589 - Gather Victim Identity Information
- T1593.001 - Social Media
- T1587 - Develop Capabilities
- T1587.001 - Malware
- T1656 - Impersonation
Score: 0.58
Matched TTPs:
- T1588.002 - Tool
- T1622 - Debugger Evasion
- T1001.003 - Protocol or Service Impersonation
- T1027.007 - Dynamic API Resolution
- T1070 - Indicator Removal
- T1608.001 - Upload Malware
- T1082 - System Information Discovery
- T1586.002 - Email Accounts
- T1176.002 - IDE Extensions
- T1608 - Stage Capabilities
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1593 - Search Open Websites/Domains
- T1678 - Delay Execution
- T1070.004 - File Deletion
- T1598.003 - Spearphishing Link
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1583.006 - Web Services
- T1102 - Web Service
- T1587.001 - Malware
Score: 0.55
Matched TTPs:
- T1588.002 - Tool
- T1001.003 - Protocol or Service Impersonation
- T1027.007 - Dynamic API Resolution
- T1070 - Indicator Removal
- T1082 - System Information Discovery
- T1566.003 - Spearphishing via Service
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1562.001 - Disable or Modify Tools
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1070.004 - File Deletion
- T1203 - Exploitation for Client Execution
- T1105 - Ingress Tool Transfer
- T1529 - System Shutdown/Reboot
- T1591 - Gather Victim Org Information
- T1491.001 - Internal Defacement
- T1583.006 - Web Services
- T1584.004 - Server
- T1587.001 - Malware
- T1008 - Fallback Channels
- T1078 - Valid Accounts
Related CVEs
No CVEs were found for this Pulse.