Trusted Design

DynoWiper update: Technical analysis

Summary

ESET researchers provide technical details on a recent data destruction incident affecting a Polish energy company. They identified new data-wiping malware named DynoWiper, attributed to the Russia-aligned threat group Sandworm with medium confidence. The tactics, techniques, and procedures observed during the DynoWiper incident resemble those seen earlier in an incident involving the ZOV wiper in Ukraine. Sandworm has a history of destructive cyberattacks, targeting various entities including energy providers. The DynoWiper samples focus on the IT environment, with no observed functionality targeting OT industrial components. The attackers deployed additional tools and attempted to use a SOCKS5 proxy. The incident represents a rare case of a Russia-aligned threat actor deploying destructive malware against an energy company in Poland.

Created: 2026-03-01

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

Contagious Interview

Score: 51.53
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1090 - Proxy
  • T1204.005 - Malicious Library
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1497 - Virtualization/Sandbox Evasion
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1656 - Impersonation
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Ember Bear

Score: 35.41
Matched TTPs:
  • T1491.002 - External Defacement
  • T1003.002 - Security Account Manager
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1090.003 - Multi-hop Proxy
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
  • T1588.005 - Exploits

Sandworm Team

Score: 56.66
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service

Inception

Score: 13.07
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery

Dark Caracal

Score: 6.37
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Elderwood

Score: 3.09
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1203 - Exploitation for Client Execution

Darkhotel

Score: 12.55
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1497 - Virtualization/Sandbox Evasion
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

Transparent Tribe

Score: 3.09
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1203 - Exploitation for Client Execution

APT28

Score: 37.93
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1090.002 - External Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell
  • T1211 - Exploitation for Defense Evasion

APT18

Score: 5.27
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Leviathan

Score: 16.71
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1534 - Internal Spearphishing
  • T1090.003 - Multi-hop Proxy
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

Sidewinder

Score: 18.92
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery

APT39

Score: 16.21
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1505.003 - Web Shell
  • T1090.002 - External Proxy
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication

Lazarus Group

Score: 39.09
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1010 - Application Window Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1090.002 - External Proxy
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Saint Bear

Score: 19.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1497 - Virtualization/Sandbox Evasion
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1059.003 - Windows Command Shell

APT33

Score: 8.03
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555 - Credentials from Password Stores
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

BITTER

Score: 8.00
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

TA505

Score: 9.51
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

Higaisa

Score: 7.61
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

APT19

Score: 3.91
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool

Fox Kitten

Score: 20.07
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1213.005 - Messaging Applications

Threat Group-3390

Score: 19.72
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

TA2541

Score: 12.46
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery

Malteiro

Score: 8.68
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555 - Credentials from Password Stores
  • T1657 - Financial Theft
  • T1518.001 - Security Software Discovery

Magic Hound

Score: 46.13
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1059.003 - Windows Command Shell
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

Storm-1811

Score: 18.02
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1036 - Masquerading
  • T1585.003 - Cloud Accounts
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1656 - Impersonation
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 11.75
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1059.003 - Windows Command Shell
  • T1574.012 - COR_PROFILER

Tropic Trooper

Score: 13.22
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

menuPass

Score: 16.59
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1090.002 - External Proxy
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Moses Staff

Score: 11.58
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool

TeamTNT

Score: 31.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1595.002 - Vulnerability Scanning
  • T1610 - Deploy Container
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1595.001 - Scanning IP Blocks

Metador

Score: 3.40
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1588.002 - Tool
  • T1059.003 - Windows Command Shell

Putter Panda

Score: 3.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools

OilRig

Score: 37.86
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1555 - Credentials from Password Stores
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1059.003 - Windows Command Shell
  • T1555.004 - Windows Credential Manager
  • T1566.003 - Spearphishing via Service

APT32

Score: 27.94
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

Moonstone Sleet

Score: 22.79
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1583.003 - Virtual Private Server
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

APT41

Score: 46.15
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1595.002 - Vulnerability Scanning
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1059.003 - Windows Command Shell
  • T1596.005 - Scan Databases

TA551

Score: 12.14
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
  • T1218.005 - Mshta
  • T1059.003 - Windows Command Shell

GALLIUM

Score: 13.27
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1090.002 - External Proxy
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

APT29

Score: 34.47
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1090.002 - External Proxy
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

FIN13

Score: 22.23
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1059.003 - Windows Command Shell

Dragonfly

Score: 34.83
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1591.002 - Business Relationships
  • T1016 - System Network Configuration Discovery
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1187 - Forced Authentication
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

Ke3chang

Score: 18.52
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Agrius

Score: 10.77
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1505.003 - Web Shell
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell

APT5

Score: 11.93
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell

Wizard Spider

Score: 21.24
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1016 - System Network Configuration Discovery
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1555.004 - Windows Credential Manager

Sea Turtle

Score: 20.61
Matched TTPs:
  • T1583.002 - DNS Server
  • T1213.006 - Databases
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery

Axiom

Score: 17.66
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1583.003 - Virtual Private Server
  • T1584.005 - Botnet
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

HEXANE

Score: 28.87
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1555 - Credentials from Password Stores
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1518 - Software Discovery

Kimsuky

Score: 50.86
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1656 - Impersonation
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1588.005 - Exploits

Indrik Spider

Score: 11.14
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

UNC3886

Score: 19.10
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

LuminousMoth

Score: 10.06
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1588.002 - Tool

Salt Typhoon

Score: 11.29
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool

Play

Score: 15.78
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

Aoqin Dragon

Score: 7.92
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

RedCurl

Score: 4.35
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell

Turla

Score: 30.50
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1007 - System Service Discovery
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1555.004 - Windows Credential Manager

Mustang Panda

Score: 26.00
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

FIN7

Score: 29.42
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1059.003 - Windows Command Shell

Medusa Group

Score: 33.56
Matched TTPs:
  • T1652 - Device Driver Discovery
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

Scattered Spider

Score: 51.22
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1656 - Impersonation
  • T1556.009 - Conditional Access Policies
  • T1213.003 - Code Repositories
  • T1538 - Cloud Service Dashboard
  • T1213.005 - Messaging Applications

Storm-0501

Score: 18.59
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1036.004 - Masquerade Task or Service
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact
  • T1518.001 - Security Software Discovery
  • T1556.009 - Conditional Access Policies

FIN6

Score: 15.93
Matched TTPs:
  • T1213.006 - Databases
  • T1555 - Credentials from Password Stores
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Silent Librarian

Score: 11.10
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1589.002 - Email Addresses
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 16.32
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1016 - System Network Configuration Discovery
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1090.003 - Multi-hop Proxy
  • T1102.002 - Bidirectional Communication
  • T1059.003 - Windows Command Shell

Star Blizzard

Score: 13.26
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts

CURIUM

Score: 12.89
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 8.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

HAFNIUM

Score: 29.87
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1016 - System Network Configuration Discovery
  • T1593.003 - Code Repositories
  • T1592.004 - Client Configurations
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1059.003 - Windows Command Shell

BRONZE BUTLER

Score: 13.85
Matched TTPs:
  • T1007 - System Service Discovery
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

Aquatic Panda

Score: 12.71
Matched TTPs:
  • T1007 - System Service Discovery
  • T1595.002 - Vulnerability Scanning
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

Chimera

Score: 13.06
Matched TTPs:
  • T1007 - System Service Discovery
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1556.001 - Domain Controller Authentication

Earth Lusca

Score: 21.19
Matched TTPs:
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services

Volt Typhoon

Score: 47.13
Matched TTPs:
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1589.002 - Email Addresses
  • T1590.006 - Network Security Appliances
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases

admin@338

Score: 7.74
Matched TTPs:
  • T1007 - System Service Discovery
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

APT1

Score: 5.80
Matched TTPs:
  • T1007 - System Service Discovery
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1059.003 - Windows Command Shell

LazyScripter

Score: 9.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1059.003 - Windows Command Shell

Gamaredon Group

Score: 30.38
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

SideCopy

Score: 14.05
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery

BlackByte

Score: 19.96
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1016 - System Network Configuration Discovery
  • T1583.003 - Virtual Private Server
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

EXOTIC LILY

Score: 8.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

APT42

Score: 15.88
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1070.008 - Clear Mailbox Data
  • T1016 - System Network Configuration Discovery
  • T1583.003 - Virtual Private Server
  • T1588.002 - Tool
  • T1656 - Impersonation
  • T1518.001 - Security Software Discovery

Rocke

Score: 11.13
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery

BackdoorDiplomacy

Score: 6.18
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool

BlackTech

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Cinnamon Tempest

Score: 9.56
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

ToddyCat

Score: 10.49
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Winter Vivern

Score: 16.74
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1595.002 - Vulnerability Scanning
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1584.006 - Web Services
  • T1059.003 - Windows Command Shell

Volatile Cedar

Score: 9.96
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1505.003 - Web Shell
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 11.36
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

MuddyWater

Score: 29.76
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1090.002 - External Proxy
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

Akira

Score: 12.62
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Leafminer

Score: 4.81
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool

Stealth Falcon

Score: 7.76
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1016 - System Network Configuration Discovery
  • T1555.004 - Windows Credential Manager

Nomadic Octopus

Score: 3.14
Matched TTPs:
  • T1036 - Masquerading
  • T1059.003 - Windows Command Shell

Windshift

Score: 9.35
Matched TTPs:
  • T1036 - Masquerading
  • T1518.001 - Security Software Discovery
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service

MoustachedBouncer

Score: 6.88
Matched TTPs:
  • T1659 - Content Injection
  • T1090 - Proxy

LAPSUS$

Score: 35.13
Matched TTPs:
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1593.003 - Code Repositories
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1213.005 - Messaging Applications

Carbanak

Score: 9.11
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication

APT38

Score: 20.12
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1518.001 - Security Software Discovery
  • T1565.002 - Transmitted Data Manipulation
  • T1059.003 - Windows Command Shell

Velvet Ant

Score: 9.57
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1211 - Exploitation for Defense Evasion

Deep Panda

Score: 5.05
Matched TTPs:
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features

Tonto Team

Score: 6.01
Matched TTPs:
  • T1505.003 - Web Shell
  • T1090.002 - External Proxy
  • T1203 - Exploitation for Client Execution

FIN5

Score: 5.02
Matched TTPs:
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts

APT3

Score: 11.25
Matched TTPs:
  • T1090.002 - External Proxy
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

Silence

Score: 5.97
Matched TTPs:
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Lotus Blossom

Score: 6.36
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1090.003 - Multi-hop Proxy

Naikon

Score: 5.46
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1036.004 - Masquerade Task or Service
  • T1518.001 - Security Software Discovery

CopyKittens

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool

Windigo

Score: 6.39
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1518 - Software Discovery

POLONIUM

Score: 9.02
Matched TTPs:
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication

Equation

Score: 4.54
Matched TTPs:
  • T1542.002 - Component Firmware

Confucius

Score: 7.15
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact

FIN8

Score: 7.47
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

Cobalt Group

Score: 5.20
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery
  • T1059.003 - Windows Command Shell

FIN10

Score: 3.23
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Gorgon Group

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell

DarkHydrus

Score: 4.98
Matched TTPs:
  • T1588.002 - Tool
  • T1187 - Forced Authentication

FIN4

Score: 4.17
Matched TTPs:
  • T1090.003 - Multi-hop Proxy
  • T1078 - Valid Accounts

Andariel

Score: 5.34
Matched TTPs:
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution

APT37

Score: 4.85
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1059.003 - Windows Command Shell

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

The White Company

Score: 3.39
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1518.001 - Security Software Discovery

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.70
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1090 - Proxy
  • T1036 - Masquerading
  • T1505.003 - Web Shell
  • T1102.002 - Bidirectional Communication
  • T1589.002 - Email Addresses
  • T1486 - Data Encrypted for Impact
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1195 - Supply Chain Compromise
  • T1499 - Endpoint Denial of Service
  • T1592.002 - Software
  • T1608.001 - Upload Malware
  • T1213.006 - Databases
  • T1587.001 - Malware
  • T1491.002 - External Defacement
  • T1595.002 - Vulnerability Scanning

Contagious Interview

Score: 0.64
Matched TTPs:
  • T1656 - Impersonation
  • T1059.003 - Windows Command Shell
  • T1589 - Gather Victim Identity Information
  • T1090 - Proxy
  • T1036 - Masquerading
  • T1657 - Financial Theft
  • T1566.003 - Spearphishing via Service
  • T1204.005 - Malicious Library
  • T1497 - Virtualization/Sandbox Evasion
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1583.003 - Virtual Private Server
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
  • T1593.003 - Code Repositories
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1587.001 - Malware
  • T1681 - Search Threat Vendor Data
  • T1588.007 - Artificial Intelligence

Scattered Spider

Score: 0.63
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1598.004 - Spearphishing Voice
  • T1213.003 - Code Repositories
  • T1656 - Impersonation
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1486 - Data Encrypted for Impact
  • T1556.009 - Conditional Access Policies
  • T1562.001 - Disable or Modify Tools
  • T1213.005 - Messaging Applications
  • T1484.002 - Trust Modification
  • T1538 - Cloud Service Dashboard
  • T1589 - Gather Victim Identity Information
  • T1070.008 - Clear Mailbox Data
  • T1083 - File and Directory Discovery
  • T1090 - Proxy
  • T1657 - Financial Theft

Kimsuky

Score: 0.63
Matched TTPs:
  • T1656 - Impersonation
  • T1059.003 - Windows Command Shell
  • T1598.003 - Spearphishing Link
  • T1588.005 - Exploits
  • T1657 - Financial Theft
  • T1505.003 - Web Shell
  • T1102.002 - Bidirectional Communication
  • T1218.005 - Mshta
  • T1591 - Gather Victim Org Information
  • T1589.002 - Email Addresses
  • T1534 - Internal Spearphishing
  • T1083 - File and Directory Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1518.001 - Security Software Discovery
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
  • T1036.004 - Masquerade Task or Service
  • T1608.001 - Upload Malware
  • T1007 - System Service Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1583.006 - Web Services
  • T1587.001 - Malware

Volt Typhoon

Score: 0.58
Matched TTPs:
  • T1518 - Software Discovery
  • T1059.003 - Windows Command Shell
  • T1589 - Gather Victim Identity Information
  • T1090.003 - Multi-hop Proxy
  • T1090 - Proxy
  • T1505.003 - Web Shell
  • T1591 - Gather Victim Org Information
  • T1596.005 - Scan Databases
  • T1589.002 - Email Addresses
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1016 - System Network Configuration Discovery
  • T1590.006 - Network Security Appliances
  • T1007 - System Service Discovery
  • T1010 - Application Window Discovery

APT41

Score: 0.57
Matched TTPs:
  • T1656 - Impersonation
  • T1003.002 - Security Account Manager
  • T1059.003 - Windows Command Shell
  • T1546.008 - Accessibility Features
  • T1203 - Exploitation for Client Execution
  • T1090 - Proxy
  • T1596.005 - Scan Databases
  • T1486 - Data Encrypted for Impact
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1016 - System Network Configuration Discovery
  • T1036.004 - Masquerade Task or Service
  • T1568.002 - Domain Generation Algorithms
  • T1213.003 - Code Repositories
  • T1595.003 - Wordlist Scanning
  • T1595.002 - Vulnerability Scanning

Magic Hound

Score: 0.57
Matched TTPs:
  • T1059.003 - Windows Command Shell
  • T1598.003 - Spearphishing Link
  • T1591.001 - Determine Physical Locations
  • T1589 - Gather Victim Identity Information
  • T1090 - Proxy
  • T1505.003 - Web Shell
  • T1102.002 - Bidirectional Communication
  • T1589.002 - Email Addresses
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
  • T1083 - File and Directory Discovery
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1016 - System Network Configuration Discovery
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
  • T1036.004 - Masquerade Task or Service
  • T1592.002 - Software
  • T1562.004 - Disable or Modify System Firewall
  • T1583.006 - Web Services
  • T1595.002 - Vulnerability Scanning

Related CVEs

No CVEs were found for this Pulse.
