Trusted Design

TA17-164A - HIDDEN COBRA DDoS Botnet Infrastructure

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Ember Bear

Score: 15.23
Matched TTPs:
  • T1491.002 - External Defacement
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1595.001 - Scanning IP Blocks

Sandworm Team

Score: 36.90
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Andariel

Score: 8.47
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1592.002 - Software
  • T1105 - Ingress Tool Transfer

Magic Hound

Score: 25.95
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 24.29
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1590 - Gather Victim Network Information
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT41

Score: 18.01
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

TA551

Score: 4.91
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1105 - Ingress Tool Transfer

HEXANE

Score: 11.70
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

APT29

Score: 21.03
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1090.004 - Domain Fronting
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 12.54
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

TA2541

Score: 10.14
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Lotus Blossom

Score: 6.96
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy

FIN13

Score: 21.44
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Turla

Score: 17.50
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Volt Typhoon

Score: 35.31
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1590.006 - Network Security Appliances
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1090.003 - Multi-hop Proxy
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases

FIN8

Score: 10.91
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Chimera

Score: 4.99
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

LazyScripter

Score: 5.50
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer

Cobalt Group

Score: 8.17
Matched TTPs:
  • T1071.004 - DNS
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

OilRig

Score: 21.61
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1137.004 - Outlook Home Page
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Ke3chang

Score: 12.40
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

APT39

Score: 7.39
Matched TTPs:
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

Tropic Trooper

Score: 12.30
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT18

Score: 3.52
Matched TTPs:
  • T1071.004 - DNS
  • T1105 - Ingress Tool Transfer

FIN7

Score: 17.41
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Kimsuky

Score: 29.84
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Moonstone Sleet

Score: 14.46
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 9.55
Matched TTPs:
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Lazarus Group

Score: 27.27
Matched TTPs:
  • T1587.001 - Malware
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Contagious Interview

Score: 21.62
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

UNC3886

Score: 10.73
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data

LuminousMoth

Score: 7.51
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Salt Typhoon

Score: 17.73
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Play

Score: 10.23
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

RedCurl

Score: 7.51
Matched TTPs:
  • T1587.001 - Malware
  • T1573.002 - Asymmetric Cryptography
  • T1564.001 - Hidden Files and Directories

Cleaver

Score: 4.44
Matched TTPs:
  • T1587.001 - Malware
  • T1585.001 - Social Media Accounts

Moses Staff

Score: 5.81
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Mustang Panda

Score: 15.86
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

TeamTNT

Score: 12.35
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1595.001 - Scanning IP Blocks
  • T1105 - Ingress Tool Transfer

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

Velvet Ant

Score: 9.91
Matched TTPs:
  • T1040 - Network Sniffing
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion

APT33

Score: 6.56
Matched TTPs:
  • T1040 - Network Sniffing
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

APT28

Score: 37.41
Matched TTPs:
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1557.004 - Evil Twin
  • T1071.003 - Mail Protocols
  • T1591 - Gather Victim Org Information
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

Earth Lusca

Score: 7.75
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server

Star Blizzard

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts

Threat Group-3390

Score: 9.82
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

SideCopy

Score: 6.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

BlackByte

Score: 7.59
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

APT32

Score: 15.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

EXOTIC LILY

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery

Rocke

Score: 10.10
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver

Medusa Group

Score: 24.64
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1218.014 - MMC

Storm-0501

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Fox Kitten

Score: 4.59
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Cinnamon Tempest

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

menuPass

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

ToddyCat

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Leviathan

Score: 10.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

Dragonfly

Score: 10.39
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Axiom

Score: 9.63
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1001.002 - Steganography

MuddyWater

Score: 8.01
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

SilverTerrier

Score: 5.81
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1657 - Financial Theft

LAPSUS$

Score: 3.84
Matched TTPs:
  • T1591.002 - Business Relationships

Scattered Spider

Score: 10.96
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Naikon

Score: 3.37
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery

Sidewinder

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Wizard Spider

Score: 6.89
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Darkhotel

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

ZIRCONIUM

Score: 11.52
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure

Aquatic Panda

Score: 6.52
Matched TTPs:
  • T1087 - Account Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Malteiro

Score: 4.42
Matched TTPs:
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts

CURIUM

Score: 4.86
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT37

Score: 7.31
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

Windshift

Score: 9.33
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

FIN6

Score: 8.02
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Patchwork

Score: 5.96
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Daggerfly

Score: 3.61
Matched TTPs:
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Storm-1811

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 4.06
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.84
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1499 - Endpoint Denial of Service
  • T1587.001 - Malware
  • T1584.004 - Server
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1040 - Network Sniffing
  • T1584.005 - Botnet
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1491.002 - External Defacement

APT28

Score: 0.83
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1090.003 - Multi-hop Proxy
  • T1040 - Network Sniffing
  • T1102.002 - Bidirectional Communication
  • T1564.001 - Hidden Files and Directories
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion
  • T1557.004 - Evil Twin
  • T1105 - Ingress Tool Transfer
  • T1498 - Network Denial of Service
  • T1071.003 - Mail Protocols

Volt Typhoon

Score: 0.82
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1596.005 - Scan Databases
  • T1591 - Gather Victim Org Information
  • T1584.004 - Server
  • T1016 - System Network Configuration Discovery
  • T1016.001 - Internet Connection Discovery
  • T1590.006 - Network Security Appliances
  • T1090.003 - Multi-hop Proxy
  • T1584.005 - Botnet
  • T1590.004 - Network Topology
  • T1105 - Ingress Tool Transfer
  • T1590 - Gather Victim Network Information

Kimsuky

Score: 0.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1591 - Gather Victim Org Information
  • T1587.001 - Malware
  • T1016 - System Network Configuration Discovery
  • T1102.002 - Bidirectional Communication
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1518.001 - Security Software Discovery
  • T1102.001 - Dead Drop Resolver
  • T1071.003 - Mail Protocols

Lazarus Group

Score: 0.68
Matched TTPs:
  • T1591 - Gather Victim Org Information
  • T1587.001 - Malware
  • T1584.004 - Server
  • T1016 - System Network Configuration Discovery
  • T1566.003 - Spearphishing via Service
  • T1102.002 - Bidirectional Communication
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories

Magic Hound

Score: 0.62
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591.001 - Determine Physical Locations
  • T1016 - System Network Configuration Discovery
  • T1016.001 - Internet Connection Discovery
  • T1566.003 - Spearphishing via Service
  • T1590.005 - IP Addresses
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

HAFNIUM

Score: 0.58
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1016.001 - Internet Connection Discovery
  • T1590.005 - IP Addresses
  • T1583.005 - Botnet
  • T1584.005 - Botnet
  • T1105 - Ingress Tool Transfer
  • T1590 - Gather Victim Network Information
  • T1564.001 - Hidden Files and Directories

Medusa Group

Score: 0.58
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1218.014 - MMC
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1608.002 - Upload Tool
  • T1105 - Ingress Tool Transfer
  • T1518.001 - Security Software Discovery

FIN13

Score: 0.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1587.001 - Malware
  • T1016 - System Network Configuration Discovery
  • T1016.001 - Internet Connection Discovery
  • T1590.004 - Network Topology
  • T1087 - Account Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph

