Trusted Design

TA17-164A: HIDDEN COBRA

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government.

Created: 2026-02-23

Indicators

No indicators found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Andariel

Score: 8.47
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1592.002 - Software
  • T1105 - Ingress Tool Transfer

Magic Hound

Score: 23.55
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1105 - Ingress Tool Transfer
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 24.29
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1590 - Gather Victim Network Information
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT41

Score: 18.01
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

TA551

Score: 4.91
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1105 - Ingress Tool Transfer

HEXANE

Score: 9.31
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

APT29

Score: 21.03
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1090.004 - Domain Fronting
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 10.14
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1090.003 - Multi-hop Proxy
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

TA2541

Score: 10.14
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Lotus Blossom

Score: 9.89
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy
  • T1090.001 - Internal Proxy

FIN13

Score: 24.37
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1090.001 - Internal Proxy

Turla

Score: 18.03
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy

Volt Typhoon

Score: 38.24
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1590.006 - Network Security Appliances
  • T1016 - System Network Configuration Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1090.003 - Multi-hop Proxy
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1090.001 - Internal Proxy

FIN8

Score: 10.91
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Chimera

Score: 4.99
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

LazyScripter

Score: 5.50
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer

Cobalt Group

Score: 8.17
Matched TTPs:
  • T1071.004 - DNS
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

OilRig

Score: 21.61
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1137.004 - Outlook Home Page
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Ke3chang

Score: 12.40
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

APT39

Score: 7.92
Matched TTPs:
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy

Ember Bear

Score: 11.09
Matched TTPs:
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1595.001 - Scanning IP Blocks

Tropic Trooper

Score: 12.30
Matched TTPs:
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT18

Score: 3.52
Matched TTPs:
  • T1071.004 - DNS
  • T1105 - Ingress Tool Transfer

FIN7

Score: 15.01
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591 - Gather Victim Org Information
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Kimsuky

Score: 27.44
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Moonstone Sleet

Score: 14.46
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 9.55
Matched TTPs:
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Lazarus Group

Score: 27.80
Matched TTPs:
  • T1587.001 - Malware
  • T1016 - System Network Configuration Discovery
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Contagious Interview

Score: 21.62
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

UNC3886

Score: 10.73
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data

LuminousMoth

Score: 7.51
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Sandworm Team

Score: 30.37
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Salt Typhoon

Score: 17.73
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Play

Score: 10.23
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

RedCurl

Score: 7.51
Matched TTPs:
  • T1587.001 - Malware
  • T1573.002 - Asymmetric Cryptography
  • T1564.001 - Hidden Files and Directories

Cleaver

Score: 4.44
Matched TTPs:
  • T1587.001 - Malware
  • T1585.001 - Social Media Accounts

Moses Staff

Score: 5.81
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Mustang Panda

Score: 15.86
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

TeamTNT

Score: 12.35
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1595.001 - Scanning IP Blocks
  • T1105 - Ingress Tool Transfer

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

Velvet Ant

Score: 12.84
Matched TTPs:
  • T1040 - Network Sniffing
  • T1573.002 - Asymmetric Cryptography
  • T1090.001 - Internal Proxy
  • T1211 - Exploitation for Defense Evasion

APT33

Score: 6.56
Matched TTPs:
  • T1040 - Network Sniffing
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1040 - Network Sniffing

APT28

Score: 35.01
Matched TTPs:
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1557.004 - Evil Twin
  • T1071.003 - Mail Protocols
  • T1591 - Gather Victim Org Information
  • T1090.003 - Multi-hop Proxy
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

Earth Lusca

Score: 7.75
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server

Star Blizzard

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts

Threat Group-3390

Score: 9.82
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

SideCopy

Score: 6.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

BlackByte

Score: 7.59
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

APT32

Score: 15.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1016 - System Network Configuration Discovery
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

EXOTIC LILY

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery

Rocke

Score: 10.10
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver

Medusa Group

Score: 20.10
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1573.002 - Asymmetric Cryptography
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Storm-0501

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Fox Kitten

Score: 4.59
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Cinnamon Tempest

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

menuPass

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

ToddyCat

Score: 5.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1518.001 - Security Software Discovery
  • T1566.003 - Spearphishing via Service

GALLIUM

Score: 3.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1105 - Ingress Tool Transfer

Leviathan

Score: 10.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.003 - Multi-hop Proxy
  • T1585.001 - Social Media Accounts
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

Dragonfly

Score: 10.39
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1591.002 - Business Relationships
  • T1016 - System Network Configuration Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Axiom

Score: 9.63
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1001.002 - Steganography

MuddyWater

Score: 5.62
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

SilverTerrier

Score: 5.81
Matched TTPs:
  • T1071.003 - Mail Protocols
  • T1657 - Financial Theft

LAPSUS$

Score: 3.84
Matched TTPs:
  • T1591.002 - Business Relationships

Scattered Spider

Score: 10.96
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1087 - Account Discovery
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

Naikon

Score: 3.37
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery

Sidewinder

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Wizard Spider

Score: 6.89
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Darkhotel

Score: 4.15
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Higaisa

Score: 4.40
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1090.001 - Internal Proxy

ZIRCONIUM

Score: 9.13
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1090.003 - Multi-hop Proxy
  • T1105 - Ingress Tool Transfer
  • T1665 - Hide Infrastructure

Aquatic Panda

Score: 6.52
Matched TTPs:
  • T1087 - Account Discovery
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer

Malteiro

Score: 4.42
Matched TTPs:
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts

CURIUM

Score: 4.86
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT37

Score: 4.91
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1105 - Ingress Tool Transfer

Windshift

Score: 9.33
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

FIN6

Score: 8.02
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Patchwork

Score: 5.96
Matched TTPs:
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Daggerfly

Score: 3.61
Matched TTPs:
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Storm-1811

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 4.06
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

Volt Typhoon

Score: 0.85
Matched TTPs:
  • T1090.001 - Internal Proxy
  • T1016.001 - Internet Connection Discovery
  • T1590.006 - Network Security Appliances
  • T1596.005 - Scan Databases
  • T1190 - Exploit Public-Facing Application
  • T1584.004 - Server
  • T1090.003 - Multi-hop Proxy
  • T1105 - Ingress Tool Transfer
  • T1584.005 - Botnet
  • T1590.004 - Network Topology
  • T1590 - Gather Victim Network Information
  • T1591 - Gather Victim Org Information
  • T1016 - System Network Configuration Discovery

APT28

Score: 0.77
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1190 - Exploit Public-Facing Application
  • T1071.003 - Mail Protocols
  • T1090.003 - Multi-hop Proxy
  • T1105 - Ingress Tool Transfer
  • T1040 - Network Sniffing
  • T1557.004 - Evil Twin
  • T1498 - Network Denial of Service
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion
  • T1591 - Gather Victim Org Information

Sandworm Team

Score: 0.70
Matched TTPs:
  • T1592.002 - Software
  • T1591.002 - Business Relationships
  • T1587.001 - Malware
  • T1499 - Endpoint Denial of Service
  • T1190 - Exploit Public-Facing Application
  • T1608.001 - Upload Malware
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1040 - Network Sniffing
  • T1584.005 - Botnet
  • T1585.001 - Social Media Accounts

Lazarus Group

Score: 0.67
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1587.001 - Malware
  • T1090.001 - Internal Proxy
  • T1564.001 - Hidden Files and Directories
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1585.001 - Social Media Accounts
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1591 - Gather Victim Org Information
  • T1016 - System Network Configuration Discovery

Kimsuky

Score: 0.65
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1190 - Exploit Public-Facing Application
  • T1608.001 - Upload Malware
  • T1071.003 - Mail Protocols
  • T1518.001 - Security Software Discovery
  • T1105 - Ingress Tool Transfer
  • T1040 - Network Sniffing
  • T1585.001 - Social Media Accounts
  • T1102.001 - Dead Drop Resolver
  • T1591 - Gather Victim Org Information
  • T1016 - System Network Configuration Discovery

FIN13

Score: 0.59
Matched TTPs:
  • T1587.001 - Malware
  • T1090.001 - Internal Proxy
  • T1016.001 - Internet Connection Discovery
  • T1564.001 - Hidden Files and Directories
  • T1657 - Financial Theft
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
  • T1590.004 - Network Topology
  • T1087 - Account Discovery
  • T1016 - System Network Configuration Discovery

HAFNIUM

Score: 0.57
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1564.001 - Hidden Files and Directories
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
  • T1584.005 - Botnet
  • T1590.005 - IP Addresses
  • T1590 - Gather Victim Network Information
  • T1016 - System Network Configuration Discovery

Magic Hound

Score: 0.57
Matched TTPs:
  • T1592.002 - Software
  • T1016.001 - Internet Connection Discovery
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
  • T1585.001 - Social Media Accounts
  • T1590.005 - IP Addresses
  • T1591.001 - Determine Physical Locations
  • T1016 - System Network Configuration Discovery

Related CVEs

No CVEs were found for this Pulse.

Pulse – Threat Actor Graph

