Trusted Design

Skynet Tor botnet / Trojan.Tbot samples

Overview

This analysis is from my research into file carving, malware, and PCAP analysis. While the EK and ransomware may be old, it still may have value for some environments.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

OilRig

Score: 10.61
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1070.004 - File Deletion

Gamaredon Group

Score: 18.09
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1070.004 - File Deletion
  • T1027.015 - Compression

APT28

Score: 14.44
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1070.004 - File Deletion

Turla

Score: 8.60
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer

Ember Bear

Score: 8.72
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

RedCurl

Score: 9.35
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1070.004 - File Deletion

APT1

Score: 3.63
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System

Ke3chang

Score: 10.25
Matched TTPs:
  • T1119 - Automated Collection
  • T1583.005 - Botnet
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery

FIN5

Score: 3.57
Matched TTPs:
  • T1119 - Automated Collection
  • T1070.004 - File Deletion

HAFNIUM

Score: 13.87
Matched TTPs:
  • T1119 - Automated Collection
  • T1583.005 - Botnet
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet

Agrius

Score: 7.34
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1570 - Lateral Tool Transfer

Winter Vivern

Score: 4.96
Matched TTPs:
  • T1119 - Automated Collection
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery

Confucius

Score: 3.49
Matched TTPs:
  • T1119 - Automated Collection
  • T1083 - File and Directory Discovery

FIN6

Score: 5.01
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1070.004 - File Deletion

Patchwork

Score: 6.31
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

Tropic Trooper

Score: 4.87
Matched TTPs:
  • T1119 - Automated Collection
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

Sidewinder

Score: 3.49
Matched TTPs:
  • T1119 - Automated Collection
  • T1083 - File and Directory Discovery

Chimera

Score: 10.14
Matched TTPs:
  • T1119 - Automated Collection
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Threat Group-3390

Score: 11.61
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion
  • T1027.015 - Compression

Mustang Panda

Score: 19.13
Matched TTPs:
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1070 - Indicator Removal
  • T1083 - File and Directory Discovery
  • T1678 - Delay Execution
  • T1070.004 - File Deletion
  • T1027.007 - Dynamic API Resolution

menuPass

Score: 10.82
Matched TTPs:
  • T1119 - Automated Collection
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1070.004 - File Deletion

APT5

Score: 11.62
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1070 - Indicator Removal
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

Kimsuky

Score: 7.57
Matched TTPs:
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

BRONZE BUTLER

Score: 7.16
Matched TTPs:
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1070.004 - File Deletion

APT39

Score: 5.60
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

Axiom

Score: 6.54
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet

ToddyCat

Score: 4.22
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery

Fox Kitten

Score: 7.25
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive

Andariel

Score: 5.29
Matched TTPs:
  • T1005 - Data from Local System
  • T1592.002 - Software

GALLIUM

Score: 5.15
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1570 - Lateral Tool Transfer

APT29

Score: 4.30
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1070.004 - File Deletion

Lazarus Group

Score: 11.88
Matched TTPs:
  • T1005 - Data from Local System
  • T1070 - Indicator Removal
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion
  • T1027.007 - Dynamic API Resolution

APT41

Score: 14.31
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion
  • T1480.001 - Environmental Keying

LuminousMoth

Score: 4.72
Matched TTPs:
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery

Dragonfly

Score: 5.60
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

APT3

Score: 4.13
Matched TTPs:
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

FIN7

Score: 7.23
Matched TTPs:
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact

APT38

Score: 6.47
Matched TTPs:
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact
  • T1070.004 - File Deletion

Volt Typhoon

Score: 11.45
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Wizard Spider

Score: 5.06
Matched TTPs:
  • T1005 - Data from Local System
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Magic Hound

Score: 14.02
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Sandworm Team

Score: 19.61
Matched TTPs:
  • T1005 - Data from Local System
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

FIN13

Score: 4.22
Matched TTPs:
  • T1005 - Data from Local System
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery

TA2541

Score: 5.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1027.015 - Compression

Earth Lusca

Score: 3.44
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application

Mustard Tempest

Score: 6.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning

TeamTNT

Score: 4.65
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

TA505

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact

BlackByte

Score: 9.40
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

APT32

Score: 11.43
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion
  • T1564.004 - NTFS File Attributes

Moonstone Sleet

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact

Contagious Interview

Score: 4.65
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

APT42

Score: 5.59
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1070 - Indicator Removal

Medusa Group

Score: 13.26
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1650 - Acquire Access
  • T1070.004 - File Deletion

Storm-0501

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact

Blue Mockingbird

Score: 6.01
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1574.012 - COR_PROFILER

Leviathan

Score: 4.62
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1027.015 - Compression

INC Ransom

Score: 7.43
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

UNC3886

Score: 6.39
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Play

Score: 4.15
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1070.004 - File Deletion

Sowbug

Score: 4.33
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive

Velvet Ant

Score: 3.53
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer

Scattered Spider

Score: 3.64
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact

Aoqin Dragon

Score: 3.53
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer

Storm-1811

Score: 4.58
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1570 - Lateral Tool Transfer

FIN8

Score: 3.72
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1070.004 - File Deletion

FIN10

Score: 3.62
Matched TTPs:
  • T1570 - Lateral Tool Transfer
  • T1070.004 - File Deletion

Equation

Score: 8.26
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1480.001 - Environmental Keying

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

PLATINUM

Score: 4.54
Matched TTPs:
  • T1056.004 - Credential API Hooking

Molerats

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Higaisa

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.80
Matched TTPs:
  • T1070.004 - File Deletion
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1005 - Data from Local System
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet

Mustang Panda

Score: 0.77
Matched TTPs:
  • T1070.004 - File Deletion
  • T1027.007 - Dynamic API Resolution
  • T1083 - File and Directory Discovery
  • T1070 - Indicator Removal
  • T1608.001 - Upload Malware
  • T1119 - Automated Collection
  • T1678 - Delay Execution

Gamaredon Group

Score: 0.72
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1070.004 - File Deletion
  • T1027.015 - Compression
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1005 - Data from Local System

HAFNIUM

Score: 0.63
Matched TTPs:
  • T1584.005 - Botnet
  • T1583.005 - Botnet
  • T1083 - File and Directory Discovery
  • T1119 - Automated Collection
  • T1190 - Exploit Public-Facing Application
  • T1005 - Data from Local System

APT28

Score: 0.60
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1070.004 - File Deletion
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
  • T1119 - Automated Collection
  • T1190 - Exploit Public-Facing Application
  • T1005 - Data from Local System

APT41

Score: 0.60
Matched TTPs:
  • T1070.004 - File Deletion
  • T1480.001 - Environmental Keying
  • T1486 - Data Encrypted for Impact
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1190 - Exploit Public-Facing Application
  • T1005 - Data from Local System

Magic Hound

Score: 0.59
Matched TTPs:
  • T1070.004 - File Deletion
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1190 - Exploit Public-Facing Application
  • T1005 - Data from Local System

Medusa Group

Score: 0.59
Matched TTPs:
  • T1070.004 - File Deletion
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1083 - File and Directory Discovery
  • T1570 - Lateral Tool Transfer
  • T1190 - Exploit Public-Facing Application

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

