Trusted Design

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Ember Bear

Score: 15.23
Matched TTPs:
  • T1491.002 - External Defacement
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1595.001 - Scanning IP Blocks

Sandworm Team

Score: 30.96
Matched TTPs:
  • T1491.002 - External Defacement
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Andariel

Score: 4.62
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1105 - Ingress Tool Transfer

Magic Hound

Score: 17.57
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 24.29
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1590 - Gather Victim Network Information
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT41

Score: 18.01
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

TA551

Score: 4.91
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1105 - Ingress Tool Transfer

HEXANE

Score: 11.70
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

APT29

Score: 18.93
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1090.004 - Domain Fronting
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 12.54
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

TA2541

Score: 10.14
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Lotus Blossom

Score: 6.96
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy

FIN13

Score: 19.34
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Turla

Score: 12.12
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1016 - System Network Configuration Discovery
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Volt Typhoon

Score: 35.31
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1590.006 - Network Security Appliances
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1090.003 - Multi-hop Proxy
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases

FIN8

Score: 10.91
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Chimera

Score: 4.99
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

LazyScripter

Score: 5.50
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer

Cobalt Group

Score: 8.17
Matched TTPs:
  • T1071.004 - DNS
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

OilRig

Score: 19.52
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1137.004 - Outlook Home Page
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Ke3chang

Score: 10.31
Matched TTPs:
  • T1071.004 - DNS
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

APT39

Score: 7.39
Matched TTPs:
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

Tropic Trooper

Score: 12.30
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT18

Score: 3.52
Matched TTPs:
  • T1071.004 - DNS
  • T1105 - Ingress Tool Transfer

FIN7

Score: 15.32
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

Kimsuky

Score: 24.45
Matched TTPs:
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Velvet Ant

Score: 9.91
Matched TTPs:
  • T1040 - Network Sniffing
  • T1573.002 - Asymmetric Cryptography
  • T1211 - Exploitation for Defense Evasion

Salt Typhoon

Score: 11.09
Matched TTPs:
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT33

Score: 6.56
Matched TTPs:
  • T1040 - Network Sniffing
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

UNC3886

Score: 8.64
Matched TTPs:
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

APT28

Score: 29.58
Matched TTPs:
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

Earth Lusca

Score: 7.75
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server

Mustang Panda

Score: 13.76
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

LuminousMoth

Score: 5.42
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

TeamTNT

Score: 10.25
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1595.001 - Scanning IP Blocks
  • T1105 - Ingress Tool Transfer

Star Blizzard

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts

Threat Group-3390

Score: 9.82
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

SideCopy

Score: 6.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

BlackByte

Score: 7.59
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

APT32

Score: 11.97
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Moonstone Sleet

Score: 12.37
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Contagious Interview

Score: 16.24
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

EXOTIC LILY

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery

Rocke

Score: 10.10
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver

Medusa Group

Score: 24.64
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1218.014 - MMC

Storm-0501

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Fox Kitten

Score: 4.59
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Cinnamon Tempest

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

menuPass

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

ToddyCat

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Leviathan

Score: 10.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

Moses Staff

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Dragonfly

Score: 10.39
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Axiom

Score: 9.63
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1001.002 - Steganography

Play

Score: 8.14
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

MuddyWater

Score: 8.01
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

LAPSUS$

Score: 3.84
Matched TTPs:
  • T1591.002 - Business Relationships

Lazarus Group

Score: 25.17
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Scattered Spider

Score: 10.96
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Naikon

Score: 3.37
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery

Sidewinder

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Wizard Spider

Score: 6.89
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Darkhotel

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

ZIRCONIUM

Score: 11.52
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure

Aquatic Panda

Score: 6.52
Matched TTPs:
  • T1087 - Account Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Malteiro

Score: 4.42
Matched TTPs:
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts

Indrik Spider

Score: 7.45
Matched TTPs:
  • T1590 - Gather Victim Network Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

CURIUM

Score: 4.86
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT37

Score: 7.31
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

Windshift

Score: 9.33
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

RedCurl

Score: 5.41
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1564.001 - Hidden Files and Directories

FIN6

Score: 8.02
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Patchwork

Score: 5.96
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Daggerfly

Score: 3.61
Matched TTPs:
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Storm-1811

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 4.06
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

Volt Typhoon

Score: 0.85
Matched TTPs:
  • T1591 - Gather Victim Org Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1016 - System Network Configuration Discovery
  • T1596.005 - Scan Databases
  • T1584.005 - Botnet
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1590 - Gather Victim Network Information
  • T1590.006 - Network Security Appliances
  • T1590.004 - Network Topology
  • T1090.003 - Multi-hop Proxy

Sandworm Team

Score: 0.75
Matched TTPs:
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1608.001 - Upload Malware
  • T1040 - Network Sniffing
  • T1584.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1491.002 - External Defacement
  • T1585.001 - Social Media Accounts
  • T1591.002 - Business Relationships

APT28

Score: 0.71
Matched TTPs:
  • T1591 - Gather Victim Org Information
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1669 - Wi-Fi Networks
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1211 - Exploitation for Defense Evasion
  • T1090.003 - Multi-hop Proxy
  • T1564.001 - Hidden Files and Directories

Lazarus Group

Score: 0.68
Matched TTPs:
  • T1591 - Gather Victim Org Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1564.001 - Hidden Files and Directories
  • T1016 - System Network Configuration Discovery
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1566.003 - Spearphishing via Service
  • T1585.001 - Social Media Accounts
  • T1027.007 - Dynamic API Resolution

Kimsuky

Score: 0.65
Matched TTPs:
  • T1591 - Gather Victim Org Information
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1608.001 - Upload Malware
  • T1040 - Network Sniffing
  • T1016 - System Network Configuration Discovery
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1102.001 - Dead Drop Resolver
  • T1585.001 - Social Media Accounts

HAFNIUM

Score: 0.61
Matched TTPs:
  • T1583.005 - Botnet
  • T1105 - Ingress Tool Transfer
  • T1016 - System Network Configuration Discovery
  • T1590.005 - IP Addresses
  • T1584.005 - Botnet
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1590 - Gather Victim Network Information
  • T1564.001 - Hidden Files and Directories

Medusa Group

Score: 0.60
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1573.002 - Asymmetric Cryptography
  • T1016 - System Network Configuration Discovery
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1218.014 - MMC
  • T1090.003 - Multi-hop Proxy

Related CVEs

No CVEs were found for this Pulse.
