Pulse Detail-

The Bondnet Army - GuardiCore

概要

GuardiCore Labs has recently picked up Bondnet, a botnet of thousands of compromised servers of varying power. Managed and controlled remotely, the Bondnet is currently used to mine different cryptocurrencies and is ready to be weaponized immediately for other purposes such as mounting DDoS attacks as shown by the Mirai Botnet. Among the botnet’s victims are high profile global companies, universities, city councils and other public institutions.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Botnet Army - Bond Spam Campaign (score: 0.70)
The Reaper is finally here and he has come for your IoT Devices Mjolnir Security (score: 0.61)
New Python-Based Crypto-Miner Botnet Flying Under the Radar (score: 0.61)
A New All-in-One Botnet: Proteus (score: 0.59)
A new IoT Botnet is Spreading over HTTP 81 on a Large Scale (score: 0.59)

このPulseに関連する脅威アクター (事実ベース)

Gamaredon Group

Score: 22.85

Matched TTPs:

T1021.005 - VNC
T1091 - Replication Through Removable Media
T1175 - Component Object Model and Distributed COM
T1612 - Build Image on Host
T1608.005 - Link Target
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1546.017 - Udev Rules

MITREへのリンク →

FIN7

Score: 26.24

Matched TTPs:

T1021.005 - VNC
T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1057 - Process Discovery
T1059.001 - PowerShell
T1547.002 - Authentication Package
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution
T1578.001 - Create Snapshot

MITREへのリンク →

GCMAN

Score: 3.62

Matched TTPs:

T1021.005 - VNC

MITREへのリンク →

Fox Kitten

Score: 14.35

Matched TTPs:

T1021.005 - VNC
T1140 - Deobfuscate/Decode Files or Information
T1612 - Build Image on Host
T1059.001 - PowerShell
T1565 - Data Manipulation
T1622 - Debugger Evasion

MITREへのリンク →

Kimsuky

Score: 34.53

Matched TTPs:

T1033 - System Owner/User Discovery
T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1557.003 - DHCP Spoofing
T1608.005 - Link Target
T1057 - Process Discovery
T1102.003 - One-Way Communication
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1622 - Debugger Evasion
T1008 - Fallback Channels

MITREへのリンク →

Sea Turtle

Score: 11.16

Matched TTPs:

T1033 - System Owner/User Discovery
T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1137.004 - Outlook Home Page

MITREへのリンク →

Ember Bear

Score: 16.65

Matched TTPs:

T1033 - System Owner/User Discovery
T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1059.001 - PowerShell
T1056.002 - GUI Input Capture
T1519 - Emond

MITREへのリンク →

Indrik Spider

Score: 12.13

Matched TTPs:

T1033 - System Owner/User Discovery
T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1546.016 - Installer Packages
T1622 - Debugger Evasion

MITREへのリンク →

Agrius

Score: 6.15

Matched TTPs:

T1033 - System Owner/User Discovery
T1140 - Deobfuscate/Decode Files or Information
T1622 - Debugger Evasion

MITREへのリンク →

Contagious Interview

Score: 25.93

Matched TTPs:

T1033 - System Owner/User Discovery
T1044 - File System Permissions Weakness
T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1021.006 - Windows Remote Management
T1175 - Component Object Model and Distributed COM
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1565 - Data Manipulation

MITREへのリンク →

Sandworm Team

Score: 30.87

Matched TTPs:

T1033 - System Owner/User Discovery
T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1557.003 - DHCP Spoofing
T1049 - System Network Connections Discovery
T1102.003 - One-Way Communication
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1075 - Pass the Hash
T1546.016 - Installer Packages

MITREへのリンク →

Star Blizzard

Score: 10.63

Matched TTPs:

T1033 - System Owner/User Discovery
T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication
T1565 - Data Manipulation

MITREへのリンク →

Andariel

Score: 3.84

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay

MITREへのリンク →

Magic Hound

Score: 18.25

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay
T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1622 - Debugger Evasion
T1098.002 - Additional Email Delegate Permissions

MITREへのリンク →

HAFNIUM

Score: 21.85

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay
T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1059 - Command and Scripting Interpreter
T1175 - Component Object Model and Distributed COM
T1049 - System Network Connections Discovery
T1608.005 - Link Target

MITREへのリンク →

APT41

Score: 21.20

Matched TTPs:

T1539 - Steal Web Session Cookie
T1140 - Deobfuscate/Decode Files or Information
T1002 - Data Compressed
T1622 - Debugger Evasion
T1574.002 - DLL Side-Loading
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels

MITREへのリンク →

TA551

Score: 4.13

Matched TTPs:

T1539 - Steal Web Session Cookie

MITREへのリンク →

Volt Typhoon

Score: 39.04

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1003.007 - Proc Filesystem
T1140 - Deobfuscate/Decode Files or Information
T1164 - Re-opened Applications
T1049 - System Network Connections Discovery
T1057 - Process Discovery
T1102.003 - One-Way Communication
T1056.002 - GUI Input Capture
T1546.016 - Installer Packages
T1159 - Launch Agent
T1622 - Debugger Evasion
T1574.002 - DLL Side-Loading
T1578.001 - Create Snapshot

MITREへのリンク →

APT28

Score: 25.34

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1608.005 - Link Target
T1057 - Process Discovery
T1059.001 - PowerShell
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1146 - Clear Command History

MITREへのリンク →

ZIRCONIUM

Score: 13.37

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1608.005 - Link Target
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1578.001 - Create Snapshot

MITREへのリンク →

Leviathan

Score: 17.81

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1140 - Deobfuscate/Decode Files or Information
T1056.002 - GUI Input Capture
T1565 - Data Manipulation
T1546.016 - Installer Packages
T1622 - Debugger Evasion
T1546.017 - Udev Rules

MITREへのリンク →

Mustard Tempest

Score: 9.80

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media
T1557.003 - DHCP Spoofing

MITREへのリンク →

FIN13

Score: 5.21

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1622 - Debugger Evasion

MITREへのリンク →

Moonstone Sleet

Score: 14.62

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1175 - Component Object Model and Distributed COM
T1057 - Process Discovery
T1565 - Data Manipulation
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Lazarus Group

Score: 23.34

Matched TTPs:

T1606.002 - SAML Tokens
T1608.005 - Link Target
T1057 - Process Discovery
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1055.005 - Thread Local Storage
T1622 - Debugger Evasion
T1578.001 - Create Snapshot

MITREへのリンク →

OilRig

Score: 10.99

Matched TTPs:

T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL
T1622 - Debugger Evasion

MITREへのリンク →

UNC3886

Score: 10.29

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1021.006 - Windows Remote Management
T1578.001 - Create Snapshot

MITREへのリンク →

LuminousMoth

Score: 4.07

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media

MITREへのリンク →

Salt Typhoon

Score: 3.57

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

APT29

Score: 8.32

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1056.002 - GUI Input Capture

MITREへのリンク →

Play

Score: 5.46

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie

MITREへのリンク →

RedCurl

Score: 7.36

Matched TTPs:

T1606.002 - SAML Tokens
T1612 - Build Image on Host
T1128 - Netsh Helper DLL

MITREへのリンク →

Cleaver

Score: 4.44

Matched TTPs:

T1606.002 - SAML Tokens
T1565 - Data Manipulation

MITREへのリンク →

Moses Staff

Score: 3.57

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Turla

Score: 22.50

Matched TTPs:

T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1612 - Build Image on Host
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1546.016 - Installer Packages
T1578.001 - Create Snapshot

MITREへのリンク →

Ke3chang

Score: 12.33

Matched TTPs:

T1606.002 - SAML Tokens
T1027.008 - Stripped Payloads
T1003.007 - Proc Filesystem
T1140 - Deobfuscate/Decode Files or Information
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Mustang Panda

Score: 23.31

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1569.001 - Launchctl
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1159 - Launch Agent
T1055.005 - Thread Local Storage

MITREへのリンク →

TeamTNT

Score: 15.15

Matched TTPs:

T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1506 - Web Session Cookie
T1519 - Emond

MITREへのリンク →

APT5

Score: 6.96

Matched TTPs:

T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1622 - Debugger Evasion

MITREへのリンク →

BRONZE BUTLER

Score: 11.15

Matched TTPs:

T1003.007 - Proc Filesystem
T1159 - Launch Agent
T1578.001 - Create Snapshot
T1008 - Fallback Channels

MITREへのリンク →

Aquatic Panda

Score: 6.07

Matched TTPs:

T1003.007 - Proc Filesystem
T1506 - Web Session Cookie
T1622 - Debugger Evasion

MITREへのリンク →

Chimera

Score: 9.16

Matched TTPs:

T1003.007 - Proc Filesystem
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution
T1578.001 - Create Snapshot

MITREへのリンク →

Earth Lusca

Score: 20.46

Matched TTPs:

T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1557.003 - DHCP Spoofing
T1608.005 - Link Target
T1059.001 - PowerShell
T1218.001 - Compiled HTML File
T1546.016 - Installer Packages

MITREへのリンク →

APT1

Score: 4.17

Matched TTPs:

T1003.007 - Proc Filesystem
T1622 - Debugger Evasion

MITREへのリンク →

TA2541

Score: 11.78

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1546.017 - Udev Rules

MITREへのリンク →

LazyScripter

Score: 6.51

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1608.005 - Link Target

MITREへのリンク →

Threat Group-3390

Score: 13.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1059.001 - PowerShell
T1546.017 - Udev Rules

MITREへのリンク →

SideCopy

Score: 6.62

Matched TTPs:

T1091 - Replication Through Removable Media
T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

BlackByte

Score: 11.91

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1506 - Web Session Cookie
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT32

Score: 11.25

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1608.005 - Link Target
T1565 - Data Manipulation
T1027.007 - Dynamic API Resolution

MITREへのリンク →

HEXANE

Score: 11.11

Matched TTPs:

T1091 - Replication Through Removable Media
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1159 - Launch Agent
T1622 - Debugger Evasion

MITREへのリンク →

Saint Bear

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

EXOTIC LILY

Score: 6.84

Matched TTPs:

T1091 - Replication Through Removable Media
T1612 - Build Image on Host
T1565 - Data Manipulation

MITREへのリンク →

APT42

Score: 11.66

Matched TTPs:

T1091 - Replication Through Removable Media
T1175 - Component Object Model and Distributed COM
T1612 - Build Image on Host
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie

MITREへのリンク →

Rocke

Score: 9.18

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1612 - Build Image on Host
T1506 - Web Session Cookie
T1008 - Fallback Channels

MITREへのリンク →

Medusa Group

Score: 25.93

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1608.005 - Link Target
T1056.002 - GUI Input Capture
T1565 - Data Manipulation
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1598 - Phishing for Information
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Storm-0501

Score: 3.37

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie

MITREへのリンク →

menuPass

Score: 5.86

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1059.001 - PowerShell
T1622 - Debugger Evasion

MITREへのリンク →

ToddyCat

Score: 3.37

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie

MITREへのリンク →

Blue Mockingbird

Score: 5.52

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

GALLIUM

Score: 4.76

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1557.003 - DHCP Spoofing

MITREへのリンク →

Winter Vivern

Score: 12.15

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1548 - Abuse Elevation Control Mechanism
T1175 - Component Object Model and Distributed COM
T1218.001 - Compiled HTML File

MITREへのリンク →

Volatile Cedar

Score: 5.60

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1002 - Data Compressed

MITREへのリンク →

INC Ransom

Score: 5.52

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Dragonfly

Score: 11.22

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1059.001 - PowerShell
T1546.016 - Installer Packages
T1622 - Debugger Evasion

MITREへのリンク →

Axiom

Score: 13.80

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1175 - Component Object Model and Distributed COM
T1049 - System Network Connections Discovery
T1622 - Debugger Evasion
T1160 - Launch Daemon

MITREへのリンク →

MuddyWater

Score: 13.27

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1059.001 - PowerShell
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

APT39

Score: 7.91

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1547.002 - Authentication Package
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

CURIUM

Score: 14.36

Matched TTPs:

T1557.003 - DHCP Spoofing
T1175 - Component Object Model and Distributed COM
T1218.001 - Compiled HTML File
T1565 - Data Manipulation
T1578.001 - Create Snapshot

MITREへのリンク →

LAPSUS$

Score: 6.66

Matched TTPs:

T1175 - Component Object Model and Distributed COM
T1137.004 - Outlook Home Page

MITREへのリンク →

Inception

Score: 8.02

Matched TTPs:

T1612 - Build Image on Host
T1056.002 - GUI Input Capture
T1159 - Launch Agent

MITREへのリンク →

FIN6

Score: 9.31

Matched TTPs:

T1612 - Build Image on Host
T1128 - Netsh Helper DLL
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

FIN8

Score: 8.82

Matched TTPs:

T1612 - Build Image on Host
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1622 - Debugger Evasion

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

Wizard Spider

Score: 8.69

Matched TTPs:

T1059.001 - PowerShell
T1506 - Web Session Cookie
T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Scattered Spider

Score: 3.99

Matched TTPs:

T1565 - Data Manipulation
T1622 - Debugger Evasion

MITREへのリンク →

Velvet Ant

Score: 5.14

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Tropic Trooper

Score: 7.39

Matched TTPs:

T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

Cobalt Group

Score: 6.29

Matched TTPs:

T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1622 - Debugger Evasion

MITREへのリンク →

Darkhotel

Score: 4.49

Matched TTPs:

T1506 - Web Session Cookie
T1578.001 - Create Snapshot

MITREへのリンク →

Sidewinder

Score: 7.24

Matched TTPs:

T1506 - Web Session Cookie
T1159 - Launch Agent
T1578.001 - Create Snapshot

MITREへのリンク →

Windshift

Score: 4.65

Matched TTPs:

T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

APT38

Score: 4.30

Matched TTPs:

T1506 - Web Session Cookie
T1027.007 - Dynamic API Resolution

MITREへのリンク →

The White Company

Score: 4.49

Matched TTPs:

T1506 - Web Session Cookie
T1578.001 - Create Snapshot

MITREへのリンク →

Patchwork

Score: 6.83

Matched TTPs:

T1506 - Web Session Cookie
T1622 - Debugger Evasion
T1008 - Fallback Channels

MITREへのリンク →

Silence

Score: 4.05

Matched TTPs:

T1622 - Debugger Evasion
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Higaisa

Score: 5.74

Matched TTPs:

T1578.001 - Create Snapshot
T1546.017 - Udev Rules

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Volt Typhoon

Score: 0.82

Matched TTPs:

T1057 - Process Discovery
T1578.001 - Create Snapshot
T1049 - System Network Connections Discovery
T1685.001 - Disable or Modify Windows Event Log
T1140 - Deobfuscate/Decode Files or Information
T1164 - Re-opened Applications
T1159 - Launch Agent
T1056.002 - GUI Input Capture
T1546.016 - Installer Packages
T1003.007 - Proc Filesystem
T1102.003 - One-Way Communication
T1574.002 - DLL Side-Loading
T1622 - Debugger Evasion

MITREへのリンク →

Kimsuky

Score: 0.72

Matched TTPs:

T1057 - Process Discovery
T1608.005 - Link Target
T1622 - Debugger Evasion
T1557.003 - DHCP Spoofing
T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie
T1547.002 - Authentication Package
T1606.002 - SAML Tokens
T1008 - Fallback Channels
T1565 - Data Manipulation
T1003.007 - Proc Filesystem
T1102.003 - One-Way Communication
T1091 - Replication Through Removable Media
T1033 - System Owner/User Discovery

MITREへのリンク →

Sandworm Team

Score: 0.68

Matched TTPs:

T1075 - Pass the Hash
T1049 - System Network Connections Discovery
T1557.003 - DHCP Spoofing
T1140 - Deobfuscate/Decode Files or Information
T1547.002 - Authentication Package
T1606.002 - SAML Tokens
T1546.016 - Installer Packages
T1565 - Data Manipulation
T1102.003 - One-Way Communication
T1091 - Replication Through Removable Media
T1033 - System Owner/User Discovery

MITREへのリンク →

FIN7

Score: 0.62

Matched TTPs:

T1057 - Process Discovery
T1027.007 - Dynamic API Resolution
T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1059.001 - PowerShell
T1547.002 - Authentication Package
T1608.005 - Link Target
T1578.001 - Create Snapshot
T1021.005 - VNC
T1091 - Replication Through Removable Media
T1622 - Debugger Evasion

MITREへのリンク →

Medusa Group

Score: 0.58

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1622 - Debugger Evasion
T1140 - Deobfuscate/Decode Files or Information
T1598 - Phishing for Information
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1218.003 - CMSTP
T1056.002 - GUI Input Capture
T1565 - Data Manipulation
T1608.005 - Link Target

MITREへのリンク →

APT28

Score: 0.58

Matched TTPs:

T1057 - Process Discovery
T1685.001 - Disable or Modify Windows Event Log
T1140 - Deobfuscate/Decode Files or Information
T1059.001 - PowerShell
T1547.002 - Authentication Package
T1175 - Component Object Model and Distributed COM
T1608.005 - Link Target
T1146 - Clear Command History
T1056.002 - GUI Input Capture

MITREへのリンク →

Contagious Interview

Score: 0.57

Matched TTPs:

T1021.006 - Windows Remote Management
T1044 - File System Permissions Weakness
T1608.005 - Link Target
T1175 - Component Object Model and Distributed COM
T1606.002 - SAML Tokens
T1565 - Data Manipulation
T1102.003 - One-Way Communication
T1091 - Replication Through Removable Media
T1033 - System Owner/User Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

The Bondnet Army - GuardiCore

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ