Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Credentials

Summary

Recently the Unit 42 research team has been investigating a wave of Nemucod downloader malware that uses weaponized documents to deploy encoded and heavily obfuscated JavaScript, which in turn fetches further payloads for delivery to the victim. Starting from a single instance of the encoded JavaScript found in one version of this malware, we pivoted on the Command and Control (C2) IPv4 address recovered during static analysis and deobfuscation. Using our threat intelligence service AutoFocus, we unearthed many more versions of the malware and found that every version seen to date delivers a credential-stealing Trojan as the final payload.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Lazarus Group

Score: 36.37
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1010 - Application Window Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

TA577

Score: 7.18
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1059.007 - JavaScript
  • T1204.001 - Malicious Link
Link to MITRE →

Moonstone Sleet

Score: 17.32
Matched TTPs:
  • T1027.009 - Embedded Payloads
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
Link to MITRE →

Turla

Score: 31.90
Matched TTPs:
  • T1564.012 - File/Path Exclusions
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1555.004 - Windows Credential Manager
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts
Link to MITRE →

Ember Bear

Score: 17.24
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1003.004 - LSA Secrets
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
Link to MITRE →

APT39

Score: 15.77
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1056 - Input Capture
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
Link to MITRE →

Poseidon Group

Score: 5.12
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1007 - System Service Discovery
Link to MITRE →

Mustang Panda

Score: 55.58
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1608 - Stage Capabilities
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1678 - Delay Execution
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Tonto Team

Score: 7.39
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT32

Score: 39.73
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1112 - Modify Registry
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1078.003 - Local Accounts
Link to MITRE →

BlackByte

Score: 11.14
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
Link to MITRE →

APT28

Score: 38.90
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1027.013 - Encrypted/Encoded File
  • T1584.008 - Network Devices
  • T1204.002 - Malicious File
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1221 - Template Injection
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1001.001 - Junk Data
Link to MITRE →

Sowbug

Score: 5.63
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1039 - Data from Network Shared Drive
Link to MITRE →

Axiom

Score: 10.39
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography
Link to MITRE →

Leviathan

Score: 21.74
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1027.013 - Encrypted/Encoded File
  • T1584.008 - Network Devices
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
Link to MITRE →

Contagious Interview

Score: 37.19
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1543.001 - Launch Agent
  • T1027.010 - Command Obfuscation
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Inception

Score: 10.62
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
  • T1518 - Software Discovery
Link to MITRE →

Dark Caracal

Score: 4.15
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1189 - Drive-by Compromise
Link to MITRE →

Elderwood

Score: 7.78
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Darkhotel

Score: 7.99
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Transparent Tribe

Score: 7.00
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Sidewinder

Score: 14.33
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Saint Bear

Score: 13.02
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

APT33

Score: 15.47
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.004 - LSA Secrets
  • T1204.002 - Malicious File
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

BITTER

Score: 11.10
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TA505

Score: 20.32
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1069 - Permission Groups Discovery
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Higaisa

Score: 16.15
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1027.015 - Compression
Link to MITRE →

APT19

Score: 11.99
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
Link to MITRE →

Fox Kitten

Score: 7.27
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1039 - Data from Network Shared Drive
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Threat Group-3390

Score: 23.51
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.004 - LSA Secrets
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1027.015 - Compression
Link to MITRE →

TA2541

Score: 14.96
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
Link to MITRE →

Malteiro

Score: 3.95
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
Link to MITRE →

Magic Hound

Score: 20.31
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1592.002 - Software
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Storm-1811

Score: 17.88
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1056 - Input Capture
  • T1566.004 - Spearphishing Voice
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Blue Mockingbird

Score: 6.67
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1569.002 - Service Execution
Link to MITRE →

Tropic Trooper

Score: 23.17
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1221 - Template Injection
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

Mofang

Score: 6.89
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
Link to MITRE →

Whitefly

Score: 5.74
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

menuPass

Score: 18.65
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.004 - LSA Secrets
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1036.003 - Rename Legitimate Utilities
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Moses Staff

Score: 5.31
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

TeamTNT

Score: 17.25
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1610 - Deploy Container
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Metador

Score: 5.68
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

OilRig

Score: 35.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1555.004 - Windows Credential Manager
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

FIN6

Score: 10.62
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1569.002 - Service Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

MoustachedBouncer

Score: 6.51
Matched TTPs:
  • T1059.007 - JavaScript
  • T1659 - Content Injection
Link to MITRE →

MuddyWater

Score: 26.65
Matched TTPs:
  • T1059.007 - JavaScript
  • T1003.004 - LSA Secrets
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1027.004 - Compile After Delivery
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Earth Lusca

Score: 26.16
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

Winter Vivern

Score: 14.17
Matched TTPs:
  • T1059.007 - JavaScript
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1056.003 - Web Portal Capture
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Silence

Score: 10.48
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
Link to MITRE →

LazyScripter

Score: 15.39
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

FIN7

Score: 24.86
Matched TTPs:
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
  • T1078.003 - Local Accounts
Link to MITRE →

Cobalt Group

Score: 9.10
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Kimsuky

Score: 37.88
Matched TTPs:
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1007 - System Service Discovery
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1204.001 - Malicious Link
  • T1102.001 - Dead Drop Resolver
  • T1078.003 - Local Accounts
Link to MITRE →

Indrik Spider

Score: 9.99
Matched TTPs:
  • T1059.007 - JavaScript
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1007 - System Service Discovery
  • T1112 - Modify Registry
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Molerats

Score: 9.62
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
Link to MITRE →

Leafminer

Score: 9.28
Matched TTPs:
  • T1059.007 - JavaScript
  • T1003.004 - LSA Secrets
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
Link to MITRE →

TA578

Score: 5.35
Matched TTPs:
  • T1059.007 - JavaScript
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
Link to MITRE →

Evilnum

Score: 5.84
Matched TTPs:
  • T1059.007 - JavaScript
  • T1574.001 - DLL
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Star Blizzard

Score: 5.58
Matched TTPs:
  • T1059.007 - JavaScript
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
Link to MITRE →

APT41

Score: 30.34
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1069 - Permission Groups Discovery
  • T1574.001 - DLL
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
  • T1480.001 - Environmental Keying
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

TA551

Score: 12.78
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1027.003 - Steganography
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Volt Typhoon

Score: 25.58
Matched TTPs:
  • T1584.008 - Network Devices
  • T1069 - Permission Groups Discovery
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1552 - Unsecured Credentials
  • T1010 - Application Window Discovery
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

ZIRCONIUM

Score: 11.52
Matched TTPs:
  • T1584.008 - Network Devices
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Scattered Spider

Score: 11.50
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

APT3

Score: 10.94
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1574.001 - DLL
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

FIN13

Score: 17.03
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1587.001 - Malware
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1556 - Modify Authentication Process
Link to MITRE →

APT29

Score: 26.88
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1027.006 - HTML Smuggling
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1078.003 - Local Accounts
Link to MITRE →

Dragonfly

Score: 13.49
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1221 - Template Injection
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Ke3chang

Score: 15.33
Matched TTPs:
  • T1003.004 - LSA Secrets
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
Link to MITRE →

UNC3886

Score: 13.21
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
Link to MITRE →

LuminousMoth

Score: 13.08
Matched TTPs:
  • T1587.001 - Malware
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Sandworm Team

Score: 27.96
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1040 - Network Sniffing
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Salt Typhoon

Score: 8.72
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

Play

Score: 8.25
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts
Link to MITRE →

Aoqin Dragon

Score: 7.41
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
Link to MITRE →

RedCurl

Score: 13.70
Matched TTPs:
  • T1587.001 - Malware
  • T1204.002 - Malicious File
  • T1056.002 - GUI Input Capture
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1204.001 - Malicious Link
Link to MITRE →

Machete

Score: 3.91
Matched TTPs:
  • T1204.002 - Malicious File
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
Link to MITRE →

WIRTE

Score: 3.98
Matched TTPs:
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

RTM

Score: 7.57
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

APT-C-36

Score: 4.70
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Gallmaker

Score: 3.08
Matched TTPs:
  • T1204.002 - Malicious File
  • T1027 - Obfuscated Files or Information
Link to MITRE →

DarkHydrus

Score: 4.79
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.002 - Tool
  • T1221 - Template Injection
Link to MITRE →

PLATINUM

Score: 10.06
Matched TTPs:
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1056.004 - Credential API Hooking
Link to MITRE →

HEXANE

Score: 12.84
Matched TTPs:
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

FIN8

Score: 13.37
Matched TTPs:
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

APT37

Score: 10.14
Matched TTPs:
  • T1204.002 - Malicious File
  • T1027 - Obfuscated Files or Information
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

PROMETHIUM

Score: 5.22
Matched TTPs:
  • T1204.002 - Malicious File
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts
Link to MITRE →

Wizard Spider

Score: 19.39
Matched TTPs:
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1555.004 - Windows Credential Manager
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1588.003 - Code Signing Certificates
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Link to MITRE →

FIN4

Score: 6.28
Matched TTPs:
  • T1204.002 - Malicious File
  • T1056.002 - GUI Input Capture
  • T1204.001 - Malicious Link
Link to MITRE →

EXOTIC LILY

Score: 5.61
Matched TTPs:
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
Link to MITRE →

Patchwork

Score: 15.75
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.010 - Command Obfuscation
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

Nomadic Octopus

Score: 3.75
Matched TTPs:
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Gorgon Group

Score: 5.81
Matched TTPs:
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

SideCopy

Score: 8.02
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1608.001 - Upload Malware
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Andariel

Score: 14.16
Matched TTPs:
  • T1204.002 - Malicious File
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
Link to MITRE →

BRONZE BUTLER

Score: 29.63
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1007 - System Service Discovery
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1550.003 - Pass the Ticket
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
Link to MITRE →

APT38

Score: 14.62
Matched TTPs:
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1569.002 - Service Execution
Link to MITRE →

admin@338

Score: 4.80
Matched TTPs:
  • T1204.002 - Malicious File
  • T1007 - System Service Discovery
  • T1203 - Exploitation for Client Execution
Link to MITRE →

Gamaredon Group

Score: 36.65
Matched TTPs:
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1001 - Data Obfuscation
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1027.004 - Compile After Delivery
  • T1027.010 - Command Obfuscation
  • T1221 - Template Injection
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1027.015 - Compression
Link to MITRE →

IndigoZebra

Score: 4.43
Matched TTPs:
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
Link to MITRE →

Confucius

Score: 9.58
Matched TTPs:
  • T1204.002 - Malicious File
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

BlackTech

Score: 9.38
Matched TTPs:
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1204.001 - Malicious Link
Link to MITRE →

Windshift

Score: 11.91
Matched TTPs:
  • T1204.002 - Malicious File
  • T1036 - Masquerading
  • T1027 - Obfuscated Files or Information
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
Link to MITRE →

Chimera

Score: 13.18
Matched TTPs:
  • T1574.001 - DLL
  • T1007 - System Service Discovery
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution

Cinnamon Tempest

Score: 4.93
Matched TTPs:
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer

Velvet Ant

Score: 9.83
Matched TTPs:
  • T1574.001 - DLL
  • T1040 - Network Sniffing
  • T1569.002 - Service Execution
  • T1078.003 - Local Accounts

Aquatic Panda

Score: 12.04
Matched TTPs:
  • T1574.001 - DLL
  • T1007 - System Service Discovery
  • T1112 - Modify Registry
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer

GALLIUM

Score: 8.93
Matched TTPs:
  • T1574.001 - DLL
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1036.003 - Rename Legitimate Utilities
  • T1105 - Ingress Tool Transfer

Daggerfly

Score: 8.92
Matched TTPs:
  • T1574.001 - DLL
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

BackdoorDiplomacy

Score: 8.11
Matched TTPs:
  • T1574.001 - DLL
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1105 - Ingress Tool Transfer

APT1

Score: 5.83
Matched TTPs:
  • T1007 - System Service Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool

DarkVishnya

Score: 3.88
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool

Agrius

Score: 3.75
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading

Rocke

Score: 11.54
Matched TTPs:
  • T1140 - Deobfuscate/Decode Files or Information
  • T1027 - Obfuscated Files or Information
  • T1027.004 - Compile After Delivery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Mustard Tempest

Score: 10.41
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

APT42

Score: 8.50
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1588.002 - Tool
  • T1056 - Input Capture

Medusa Group

Score: 9.73
Matched TTPs:
  • T1112 - Modify Registry
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution

LAPSUS$

Score: 7.44
Matched TTPs:
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool

HAFNIUM

Score: 5.46
Matched TTPs:
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts

Sea Turtle

Score: 8.63
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1078.003 - Local Accounts

Thrip

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN10

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

INC Ransom

Score: 4.02
Matched TTPs:
  • T1588.002 - Tool
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution

Volatile Cedar

Score: 4.91
Matched TTPs:
  • T1595.003 - Wordlist Scanning
  • T1105 - Ingress Tool Transfer

Stealth Falcon

Score: 3.62
Matched TTPs:
  • T1555.004 - Windows Credential Manager

Windigo

Score: 4.51
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery

Equation

Score: 8.26
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1480.001 - Environmental Keying

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

Mustang Panda

Score: 0.80
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1204.001 - Malicious Link
  • T1203 - Exploitation for Client Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1140 - Deobfuscate/Decode Files or Information
  • T1588.003 - Code Signing Certificates
  • T1583.006 - Web Services
  • T1176.002 - IDE Extensions
  • T1608 - Stage Capabilities
  • T1027.007 - Dynamic API Resolution
  • T1608.001 - Upload Malware
  • T1027 - Obfuscated Files or Information
  • T1027.012 - LNK Icon Smuggling
  • T1105 - Ingress Tool Transfer
  • T1574.001 - DLL
  • T1204.002 - Malicious File
  • T1001.003 - Protocol or Service Impersonation
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1678 - Delay Execution
  • T1518 - Software Discovery
  • T1059.007 - JavaScript

APT28

Score: 0.60
Matched TTPs:
  • T1588.002 - Tool
  • T1498 - Network Denial of Service
  • T1039 - Data from Network Shared Drive
  • T1003 - OS Credential Dumping
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1203 - Exploitation for Client Execution
  • T1027.013 - Encrypted/Encoded File
  • T1189 - Drive-by Compromise
  • T1204.002 - Malicious File
  • T1140 - Deobfuscate/Decode Files or Information
  • T1036 - Masquerading
  • T1001.001 - Junk Data
  • T1221 - Template Injection
  • T1040 - Network Sniffing
  • T1584.008 - Network Devices
  • T1583.006 - Web Services

APT32

Score: 0.59
Matched TTPs:
  • T1003 - OS Credential Dumping
  • T1204.001 - Malicious Link
  • T1203 - Exploitation for Client Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1583.006 - Web Services
  • T1027.010 - Command Obfuscation
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1036.003 - Rename Legitimate Utilities
  • T1105 - Ingress Tool Transfer
  • T1569.002 - Service Execution
  • T1189 - Drive-by Compromise
  • T1574.001 - DLL
  • T1204.002 - Malicious File
  • T1112 - Modify Registry
  • T1078.003 - Local Accounts
  • T1036 - Masquerading
  • T1550.003 - Pass the Ticket
  • T1588.002 - Tool
  • T1059.007 - JavaScript

Gamaredon Group

Score: 0.56
Matched TTPs:
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1027.012 - LNK Icon Smuggling
  • T1027 - Obfuscated Files or Information
  • T1027.010 - Command Obfuscation
  • T1001 - Data Obfuscation
  • T1027.004 - Compile After Delivery
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1608.001 - Upload Malware
  • T1112 - Modify Registry
  • T1140 - Deobfuscate/Decode Files or Information
  • T1204.002 - Malicious File
  • T1027.015 - Compression
  • T1221 - Template Injection
  • T1583.006 - Web Services

Contagious Interview

Score: 0.56
Matched TTPs:
  • T1587.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1543.001 - Launch Agent
  • T1027.010 - Command Obfuscation
  • T1204.001 - Malicious Link
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1027.013 - Encrypted/Encoded File
  • T1588.007 - Artificial Intelligence
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1036 - Masquerading
  • T1059.007 - JavaScript
  • T1204.004 - Malicious Copy and Paste

Kimsuky

Score: 0.56
Matched TTPs:
  • T1587.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1027 - Obfuscated Files or Information
  • T1007 - System Service Discovery
  • T1027.012 - LNK Icon Smuggling
  • T1027.010 - Command Obfuscation
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1204.002 - Malicious File
  • T1608.001 - Upload Malware
  • T1140 - Deobfuscate/Decode Files or Information
  • T1112 - Modify Registry
  • T1102.001 - Dead Drop Resolver
  • T1078.003 - Local Accounts
  • T1588.003 - Code Signing Certificates
  • T1040 - Network Sniffing
  • T1059.007 - JavaScript

Lazarus Group

Score: 0.55
Matched TTPs:
  • T1587.001 - Malware
  • T1036.003 - Rename Legitimate Utilities
  • T1588.002 - Tool
  • T1027.009 - Embedded Payloads
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1203 - Exploitation for Client Execution
  • T1027.013 - Encrypted/Encoded File
  • T1189 - Drive-by Compromise
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1204.002 - Malicious File
  • T1574.001 - DLL
  • T1140 - Deobfuscate/Decode Files or Information
  • T1010 - Application Window Discovery
  • T1583.006 - Web Services
  • T1001.003 - Protocol or Service Impersonation

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

