Pulse Detail-

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

概要

Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

TA17-164A - HIDDEN COBRA DDoS Botnet Infrastructure (score: 0.97)
TA17-164A: HIDDEN COBRA (score: 0.94)
TA17-164A: HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure (score: 0.93)
Hidden Cobra (score: 0.84)
HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT (score: 0.82)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 15.23

Matched TTPs:

T1564.008 - Email Hiding Rules
T1195.001 - Compromise Software Dependencies and Development Tools
T1140 - Deobfuscate/Decode Files or Information
T1056.002 - GUI Input Capture
T1519 - Emond

MITREへのリンク →

Sandworm Team

Score: 30.96

Matched TTPs:

T1564.008 - Email Hiding Rules
T1583.005 - Botnet
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1193 - Spearphishing Attachment
T1049 - System Network Connections Discovery
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1075 - Pass the Hash
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Andariel

Score: 4.62

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Magic Hound

Score: 17.57

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay
T1099 - Timestomp
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

HAFNIUM

Score: 24.29

Matched TTPs:

T1171 - LLMNR/NBT-NS Poisoning and Relay
T1099 - Timestomp
T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1049 - System Network Connections Discovery
T1552.008 - Chat Messages
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT41

Score: 18.01

Matched TTPs:

T1539 - Steal Web Session Cookie
T1195.001 - Compromise Software Dependencies and Development Tools
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries
T1574.002 - DLL Side-Loading
T1008 - Fallback Channels

MITREへのリンク →

TA551

Score: 4.91

Matched TTPs:

T1539 - Steal Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

HEXANE

Score: 11.70

Matched TTPs:

T1099 - Timestomp
T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT29

Score: 18.93

Matched TTPs:

T1099 - Timestomp
T1140 - Deobfuscate/Decode Files or Information
T1056.002 - GUI Input Capture
T1218.009 - Regsvcs/Regasm
T1547.013 - XDG Autostart Entries
T1608.006 - SEO Poisoning
T1547.008 - LSASS Driver

MITREへのリンク →

Gamaredon Group

Score: 12.54

Matched TTPs:

T1099 - Timestomp
T1091 - Replication Through Removable Media
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

TA2541

Score: 10.14

Matched TTPs:

T1099 - Timestomp
T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Lotus Blossom

Score: 6.96

Matched TTPs:

T1099 - Timestomp
T1590.006 - Network Security Appliances
T1056.002 - GUI Input Capture

MITREへのリンク →

FIN13

Score: 19.34

Matched TTPs:

T1099 - Timestomp
T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1144 - Gatekeeper Bypass
T1552.003 - Shell History
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer

MITREへのリンク →

Turla

Score: 12.12

Matched TTPs:

T1099 - Timestomp
T1590.006 - Network Security Appliances
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Volt Typhoon

Score: 35.31

Matched TTPs:

T1099 - Timestomp
T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information
T1164 - Re-opened Applications
T1590.006 - Network Security Appliances
T1049 - System Network Connections Discovery
T1057 - Process Discovery
T1552.008 - Chat Messages
T1056.002 - GUI Input Capture
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1574.002 - DLL Side-Loading

MITREへのリンク →

FIN8

Score: 10.91

Matched TTPs:

T1099 - Timestomp
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1556 - Modify Authentication Process

MITREへのリンク →

Chimera

Score: 4.99

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

LazyScripter

Score: 5.50

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1091 - Replication Through Removable Media
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Cobalt Group

Score: 8.17

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

OilRig

Score: 19.52

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1592.002 - Software
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Ke3chang

Score: 10.31

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT39

Score: 7.39

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1140 - Deobfuscate/Decode Files or Information
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Tropic Trooper

Score: 12.30

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1590.006 - Network Security Appliances
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT18

Score: 3.52

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1547.013 - XDG Autostart Entries

MITREへのリンク →

FIN7

Score: 15.32

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1057 - Process Discovery
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Kimsuky

Score: 24.45

Matched TTPs:

T1583.005 - Botnet
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1552.003 - Shell History
T1057 - Process Discovery
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1008 - Fallback Channels

MITREへのリンク →

Velvet Ant

Score: 9.91

Matched TTPs:

T1583.005 - Botnet
T1128 - Netsh Helper DLL
T1566.003 - Spearphishing via Service

MITREへのリンク →

Salt Typhoon

Score: 11.09

Matched TTPs:

T1583.005 - Botnet
T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information
T1556 - Modify Authentication Process

MITREへのリンク →

APT33

Score: 6.56

Matched TTPs:

T1583.005 - Botnet
T1547.013 - XDG Autostart Entries
T1556 - Modify Authentication Process

MITREへのリンク →

UNC3886

Score: 8.64

Matched TTPs:

T1583.005 - Botnet
T1140 - Deobfuscate/Decode Files or Information
T1021.006 - Windows Remote Management

MITREへのリンク →

DarkVishnya

Score: 3.03

Matched TTPs:

T1583.005 - Botnet

MITREへのリンク →

APT28

Score: 29.58

Matched TTPs:

T1583.005 - Botnet
T1140 - Deobfuscate/Decode Files or Information
T1057 - Process Discovery
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1146 - Clear Command History
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer
T1546.007 - Netsh Helper DLL
T1566.003 - Spearphishing via Service

MITREへのリンク →

Earth Lusca

Score: 7.75

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1546.016 - Installer Packages

MITREへのリンク →

Mustang Panda

Score: 13.76

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1556 - Modify Authentication Process

MITREへのリンク →

LuminousMoth

Score: 5.42

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer

MITREへのリンク →

TeamTNT

Score: 10.25

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1519 - Emond
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Star Blizzard

Score: 4.31

Matched TTPs:

T1091 - Replication Through Removable Media
T1565 - Data Manipulation

MITREへのリンク →

Threat Group-3390

Score: 9.82

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

SideCopy

Score: 6.12

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

BlackByte

Score: 7.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

APT32

Score: 11.97

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1565 - Data Manipulation
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer
T1556 - Modify Authentication Process

MITREへのリンク →

Moonstone Sleet

Score: 12.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1057 - Process Discovery
T1565 - Data Manipulation
T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

Contagious Interview

Score: 16.24

Matched TTPs:

T1091 - Replication Through Removable Media
T1021.006 - Windows Remote Management
T1552.003 - Shell History
T1565 - Data Manipulation
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

EXOTIC LILY

Score: 6.84

Matched TTPs:

T1091 - Replication Through Removable Media
T1565 - Data Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

APT42

Score: 8.09

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie

MITREへのリンク →

Rocke

Score: 10.10

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1105 - Ingress Tool Transfer
T1008 - Fallback Channels

MITREへのリンク →

Medusa Group

Score: 24.64

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1590.006 - Network Security Appliances
T1552.003 - Shell History
T1056.002 - GUI Input Capture
T1565 - Data Manipulation
T1128 - Netsh Helper DLL
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Storm-0501

Score: 5.89

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1552.003 - Shell History
T1506 - Web Session Cookie

MITREへのリンク →

Fox Kitten

Score: 4.59

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1565 - Data Manipulation
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Cinnamon Tempest

Score: 4.77

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1552.003 - Shell History
T1547.013 - XDG Autostart Entries

MITREへのリンク →

menuPass

Score: 3.72

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

ToddyCat

Score: 5.89

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie
T1547.008 - LSASS Driver

MITREへのリンク →

GALLIUM

Score: 3.72

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Leviathan

Score: 10.17

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1056.002 - GUI Input Capture
T1565 - Data Manipulation
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

INC Ransom

Score: 4.77

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1552.003 - Shell History
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Moses Staff

Score: 3.72

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Dragonfly

Score: 10.39

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1193 - Spearphishing Attachment
T1590.006 - Network Security Appliances
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Axiom

Score: 9.63

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1049 - System Network Connections Discovery
T1160 - Launch Daemon

MITREへのリンク →

Play

Score: 8.14

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1552.003 - Shell History
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

MuddyWater

Score: 8.01

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1193 - Spearphishing Attachment

MITREへのリンク →

Lazarus Group

Score: 25.17

Matched TTPs:

T1590.006 - Network Security Appliances
T1057 - Process Discovery
T1565 - Data Manipulation
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Scattered Spider

Score: 10.96

Matched TTPs:

T1590.006 - Network Security Appliances
T1144 - Gatekeeper Bypass
T1552.003 - Shell History
T1565 - Data Manipulation
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Naikon

Score: 3.37

Matched TTPs:

T1590.006 - Network Security Appliances
T1506 - Web Session Cookie

MITREへのリンク →

Sidewinder

Score: 4.15

Matched TTPs:

T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Wizard Spider

Score: 6.89

Matched TTPs:

T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1556 - Modify Authentication Process

MITREへのリンク →

Darkhotel

Score: 4.15

Matched TTPs:

T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

ZIRCONIUM

Score: 11.52

Matched TTPs:

T1590.006 - Network Security Appliances
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries
T1608.006 - SEO Poisoning

MITREへのリンク →

Aquatic Panda

Score: 6.52

Matched TTPs:

T1144 - Gatekeeper Bypass
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Malteiro

Score: 4.42

Matched TTPs:

T1552.003 - Shell History
T1506 - Web Session Cookie

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1565 - Data Manipulation

MITREへのリンク →

Indrik Spider

Score: 7.45

Matched TTPs:

T1552.008 - Chat Messages
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

CURIUM

Score: 4.86

Matched TTPs:

T1565 - Data Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

APT37

Score: 7.31

Matched TTPs:

T1078 - Valid Accounts
T1547.002 - Authentication Package
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Windshift

Score: 9.33

Matched TTPs:

T1078 - Valid Accounts
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

RedCurl

Score: 5.41

Matched TTPs:

T1128 - Netsh Helper DLL
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN6

Score: 8.02

Matched TTPs:

T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Patchwork

Score: 5.96

Matched TTPs:

T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1008 - Fallback Channels

MITREへのリンク →

Daggerfly

Score: 3.61

Matched TTPs:

T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Storm-1811

Score: 3.30

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

BRONZE BUTLER

Score: 4.06

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1008 - Fallback Channels

MITREへのリンク →

Ajax Security Team

Score: 3.30

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Volt Typhoon

Score: 0.85

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1164 - Re-opened Applications
T1056.002 - GUI Input Capture
T1574.002 - DLL Side-Loading
T1099 - Timestomp
T1546.016 - Installer Packages
T1590.006 - Network Security Appliances
T1552.008 - Chat Messages
T1553.002 - Code Signing
T1547.013 - XDG Autostart Entries
T1049 - System Network Connections Discovery
T1057 - Process Discovery

MITREへのリンク →

Sandworm Team

Score: 0.75

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1546.016 - Installer Packages
T1193 - Spearphishing Attachment
T1565 - Data Manipulation
T1075 - Pass the Hash
T1547.013 - XDG Autostart Entries
T1564.008 - Email Hiding Rules
T1583.005 - Botnet
T1049 - System Network Connections Discovery
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

APT28

Score: 0.71

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1146 - Clear Command History
T1566.003 - Spearphishing via Service
T1546.007 - Netsh Helper DLL
T1105 - Ingress Tool Transfer
T1547.013 - XDG Autostart Entries
T1583.005 - Botnet
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1057 - Process Discovery

MITREへのリンク →

Lazarus Group

Score: 0.68

Matched TTPs:

T1547.008 - LSASS Driver
T1546.016 - Installer Packages
T1565 - Data Manipulation
T1590.006 - Network Security Appliances
T1105 - Ingress Tool Transfer
T1547.013 - XDG Autostart Entries
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process
T1547.002 - Authentication Package
T1057 - Process Discovery

MITREへのリンク →

Kimsuky

Score: 0.65

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1565 - Data Manipulation
T1506 - Web Session Cookie
T1590.006 - Network Security Appliances
T1547.013 - XDG Autostart Entries
T1583.005 - Botnet
T1552.003 - Shell History
T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1057 - Process Discovery
T1008 - Fallback Channels

MITREへのリンク →

HAFNIUM

Score: 0.61

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1027.008 - Stripped Payloads
T1099 - Timestomp
T1590.006 - Network Security Appliances
T1552.008 - Chat Messages
T1105 - Ingress Tool Transfer
T1171 - LLMNR/NBT-NS Poisoning and Relay
T1547.013 - XDG Autostart Entries
T1049 - System Network Connections Discovery

MITREへのリンク →

Medusa Group

Score: 0.60

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1565 - Data Manipulation
T1128 - Netsh Helper DLL
T1590.006 - Network Security Appliances
T1506 - Web Session Cookie
T1547.013 - XDG Autostart Entries
T1056.002 - GUI Input Capture
T1552.003 - Shell History
T1218.003 - CMSTP
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ