Pulse Detail-

Contagious Interview

Score: 51.53

Matched TTPs:

T1044 - File System Permissions Weakness
T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1558 - Steal or Forge Kerberos Tickets
T1547.005 - Security Support Provider
T1021.006 - Windows Remote Management
T1218.008 - Odbcconf
T1045 - Software Packing
T1016 - System Network Configuration Discovery
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1064 - Scripting
T1552.003 - Shell History
T1608.005 - Link Target
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1030 - Data Transfer Size Limits
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Ember Bear

Score: 35.41

Matched TTPs:

T1564.008 - Email Hiding Rules
T1584.008 - Network Devices
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1175 - Component Object Model and Distributed COM
T1056.002 - GUI Input Capture
T1597 - Search Closed Sources
T1218.010 - Regsvr32
T1519 - Emond
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 56.66

Matched TTPs:

T1564.008 - Email Hiding Rules
T1606.002 - SAML Tokens
T1063 - Security Software Discovery
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1193 - Spearphishing Attachment
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1049 - System Network Connections Discovery
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1075 - Pass the Hash

MITREへのリンク →

Inception

Score: 13.07

Matched TTPs:

T1491.002 - External Defacement
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1218.010 - Regsvr32
T1159 - Launch Agent

MITREへのリンク →

Dark Caracal

Score: 6.37

Matched TTPs:

T1491.002 - External Defacement
T1219.001 - IDE Tunneling
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Elderwood

Score: 3.09

Matched TTPs:

T1491.002 - External Defacement
T1218.010 - Regsvr32

MITREへのリンク →

Darkhotel

Score: 12.55

Matched TTPs:

T1491.002 - External Defacement
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1064 - Scripting
T1218.010 - Regsvr32
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

Transparent Tribe

Score: 3.09

Matched TTPs:

T1491.002 - External Defacement
T1218.010 - Regsvr32

MITREへのリンク →

APT28

Score: 37.93

Matched TTPs:

T1491.002 - External Defacement
T1566.002 - Spearphishing Link
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1608.005 - Link Target
T1057 - Process Discovery
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1157 - Dylib Hijacking
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1591.004 - Identify Roles
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT18

Score: 5.27

Matched TTPs:

T1491.002 - External Defacement
T1219.001 - IDE Tunneling
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

Leviathan

Score: 16.71

Matched TTPs:

T1491.002 - External Defacement
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1055.014 - VDSO Hijacking
T1056.002 - GUI Input Capture
T1157 - Dylib Hijacking
T1218.010 - Regsvr32

MITREへのリンク →

Sidewinder

Score: 18.92

Matched TTPs:

T1491.002 - External Defacement
T1566.002 - Spearphishing Link
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1657 - Financial Theft
T1218.010 - Regsvr32
T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

APT39

Score: 16.21

Matched TTPs:

T1491.002 - External Defacement
T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1547.002 - Authentication Package

MITREへのリンク →

Lazarus Group

Score: 39.09

Matched TTPs:

T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1070.006 - Timestomp
T1009 - Binary Padding
T1547.011 - Plist Modification
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1218.012 - Verclsid
T1608.005 - Link Target
T1057 - Process Discovery
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Saint Bear

Score: 19.23

Matched TTPs:

T1491.002 - External Defacement
T1091 - Replication Through Removable Media
T1134.002 - Create Process with Token
T1064 - Scripting
T1608.005 - Link Target
T1597 - Search Closed Sources
T1218.010 - Regsvr32
T1030 - Data Transfer Size Limits
T1591.004 - Identify Roles

MITREへのリンク →

APT33

Score: 8.03

Matched TTPs:

T1491.002 - External Defacement
T1562 - Impair Defenses
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1218.010 - Regsvr32

MITREへのリンク →

BITTER

Score: 8.00

Matched TTPs:

T1491.002 - External Defacement
T1091 - Replication Through Removable Media
T1588.001 - Malware
T1199 - Trusted Relationship
T1218.010 - Regsvr32

MITREへのリンク →

TA505

Score: 9.51

Matched TTPs:

T1491.002 - External Defacement
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1027 - Obfuscated Files or Information
T1591.004 - Identify Roles

MITREへのリンク →

Higaisa

Score: 7.61

Matched TTPs:

T1491.002 - External Defacement
T1590.006 - Network Security Appliances
T1588.001 - Malware
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

APT19

Score: 3.91

Matched TTPs:

T1491.002 - External Defacement
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship

MITREへのリンク →

Fox Kitten

Score: 20.07

Matched TTPs:

T1491.002 - External Defacement
T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1177 - LSASS Driver
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1157 - Dylib Hijacking
T1591.004 - Identify Roles
T1588.005 - Exploits

MITREへのリンク →

Threat Group-3390

Score: 19.72

Matched TTPs:

T1491.002 - External Defacement
T1584.008 - Network Devices
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

TA2541

Score: 12.46

Matched TTPs:

T1491.002 - External Defacement
T1091 - Replication Through Removable Media
T1218.012 - Verclsid
T1608.005 - Link Target
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1506 - Web Session Cookie

MITREへのリンク →

Malteiro

Score: 8.68

Matched TTPs:

T1491.002 - External Defacement
T1562 - Impair Defenses
T1552.003 - Shell History
T1506 - Web Session Cookie

MITREへのリンク →

Magic Hound

Score: 46.13

Matched TTPs:

T1491.002 - External Defacement
T1566.002 - Spearphishing Link
T1140 - Deobfuscate/Decode Files or Information
T1547.005 - Security Support Provider
T1009 - Binary Padding
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1608.005 - Link Target
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1027 - Obfuscated Files or Information
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1591.004 - Identify Roles
T1098.002 - Additional Email Delegate Permissions
T1547.008 - LSASS Driver

MITREへのリンク →

Storm-1811

Score: 18.02

Matched TTPs:

T1491.002 - External Defacement
T1558 - Steal or Forge Kerberos Tickets
T1196 - Control Panel Items
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1030 - Data Transfer Size Limits
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Blue Mockingbird

Score: 11.75

Matched TTPs:

T1491.002 - External Defacement
T1140 - Deobfuscate/Decode Files or Information
T1045 - Software Packing
T1199 - Trusted Relationship
T1591.004 - Identify Roles
T1001.001 - Junk Data

MITREへのリンク →

Tropic Trooper

Score: 13.22

Matched TTPs:

T1491.002 - External Defacement
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1218.010 - Regsvr32
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1159 - Launch Agent

MITREへのリンク →

menuPass

Score: 16.59

Matched TTPs:

T1491.002 - External Defacement
T1584.008 - Network Devices
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1547.011 - Plist Modification
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

Moses Staff

Score: 11.58

Matched TTPs:

T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship

MITREへのリンク →

TeamTNT

Score: 31.39

Matched TTPs:

T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1558 - Steal or Forge Kerberos Tickets
T1009 - Binary Padding
T1562.004 - Disable or Modify System Firewall
T1071.003 - Mail Protocols
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1597 - Search Closed Sources
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1519 - Emond

MITREへのリンク →

Metador

Score: 3.40

Matched TTPs:

T1491.002 - External Defacement
T1199 - Trusted Relationship
T1591.004 - Identify Roles

MITREへのリンク →

Putter Panda

Score: 3.39

Matched TTPs:

T1491.002 - External Defacement
T1597 - Search Closed Sources

MITREへのリンク →

OilRig

Score: 37.86

Matched TTPs:

T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1562 - Impair Defenses
T1558 - Steal or Forge Kerberos Tickets
T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1218.010 - Regsvr32
T1592.002 - Software
T1591.004 - Identify Roles
T1556.009 - Conditional Access Policies
T1547.008 - LSASS Driver

MITREへのリンク →

APT32

Score: 27.94

Matched TTPs:

T1491.002 - External Defacement
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1558 - Steal or Forge Kerberos Tickets
T1547.005 - Security Support Provider
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1218.012 - Verclsid
T1608.005 - Link Target
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

Moonstone Sleet

Score: 22.79

Matched TTPs:

T1491.002 - External Defacement
T1606.002 - SAML Tokens
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1175 - Component Object Model and Distributed COM
T1057 - Process Discovery
T1027 - Obfuscated Files or Information
T1547.008 - LSASS Driver

MITREへのリンク →

APT41

Score: 46.15

Matched TTPs:

T1539 - Steal Web Session Cookie
T1584.008 - Network Devices
T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1562.004 - Disable or Modify System Firewall
T1590.006 - Network Security Appliances
T1177 - LSASS Driver
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1218.010 - Regsvr32
T1002 - Data Compressed
T1030 - Data Transfer Size Limits
T1564.003 - Hidden Window
T1591.004 - Identify Roles
T1574.002 - DLL Side-Loading

MITREへのリンク →

TA551

Score: 12.14

Matched TTPs:

T1539 - Steal Web Session Cookie
T1558 - Steal or Forge Kerberos Tickets
T1134.002 - Create Process with Token
T1218.012 - Verclsid
T1591.004 - Identify Roles

MITREへのリンク →

GALLIUM

Score: 13.27

Matched TTPs:

T1584.008 - Network Devices
T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

APT29

Score: 34.47

Matched TTPs:

T1584.008 - Network Devices
T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1177 - LSASS Driver
T1568 - Dynamic Resolution
T1218.012 - Verclsid
T1608.005 - Link Target
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1157 - Dylib Hijacking
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

FIN13

Score: 22.23

Matched TTPs:

T1584.008 - Network Devices
T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1547.005 - Security Support Provider
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1552.003 - Shell History
T1199 - Trusted Relationship
T1591.004 - Identify Roles

MITREへのリンク →

Dragonfly

Score: 34.83

Matched TTPs:

T1584.008 - Network Devices
T1566.002 - Spearphishing Link
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1193 - Spearphishing Attachment
T1590.006 - Network Security Appliances
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1657 - Financial Theft
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1531 - Account Access Removal
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

Ke3chang

Score: 18.52

Matched TTPs:

T1584.008 - Network Devices
T1606.002 - SAML Tokens
T1027.008 - Stripped Payloads
T1003.007 - Proc Filesystem
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

Agrius

Score: 10.77

Matched TTPs:

T1584.008 - Network Devices
T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1555.003 - Credentials from Web Browsers
T1597 - Search Closed Sources
T1591.004 - Identify Roles

MITREへのリンク →

APT5

Score: 11.93

Matched TTPs:

T1584.008 - Network Devices
T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1219.001 - IDE Tunneling
T1591.004 - Identify Roles

MITREへのリンク →

Wizard Spider

Score: 21.24

Matched TTPs:

T1584.008 - Network Devices
T1038 - DLL Search Order Hijacking
T1590.006 - Network Security Appliances
T1588.001 - Malware
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1556.009 - Conditional Access Policies

MITREへのリンク →

Sea Turtle

Score: 20.61

Matched TTPs:

T1499.003 - Application Exhaustion Flood
T1063 - Security Software Discovery
T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1175 - Component Object Model and Distributed COM
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1218.010 - Regsvr32
T1059.013 - Container CLI/API

MITREへのリンク →

Axiom

Score: 17.66

Matched TTPs:

T1499.003 - Application Exhaustion Flood
T1140 - Deobfuscate/Decode Files or Information
T1177 - LSASS Driver
T1175 - Component Object Model and Distributed COM
T1049 - System Network Connections Discovery
T1157 - Dylib Hijacking
T1218.010 - Regsvr32

MITREへのリンク →

HEXANE

Score: 28.87

Matched TTPs:

T1499.003 - Application Exhaustion Flood
T1091 - Replication Through Removable Media
T1562 - Impair Defenses
T1070.006 - Timestomp
T1547.005 - Security Support Provider
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1055.014 - VDSO Hijacking
T1199 - Trusted Relationship
T1547.002 - Authentication Package
T1159 - Launch Agent

MITREへのリンク →

Kimsuky

Score: 50.86

Matched TTPs:

T1606.002 - SAML Tokens
T1566.002 - Spearphishing Link
T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1218.012 - Verclsid
T1552.003 - Shell History
T1608.005 - Link Target
T1057 - Process Discovery
T1055.014 - VDSO Hijacking
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1547.002 - Authentication Package
T1030 - Data Transfer Size Limits
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1003.003 - NTDS

MITREへのリンク →

Indrik Spider

Score: 11.14

Matched TTPs:

T1606.002 - SAML Tokens
T1003.007 - Proc Filesystem
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1591.004 - Identify Roles

MITREへのリンク →

UNC3886

Score: 19.10

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1021.006 - Windows Remote Management
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

LuminousMoth

Score: 10.06

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1219.001 - IDE Tunneling
T1584.005 - Botnet
T1199 - Trusted Relationship

MITREへのリンク →

Salt Typhoon

Score: 11.29

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1608.002 - Upload Tool
T1009 - Binary Padding
T1199 - Trusted Relationship

MITREへのリンク →

Play

Score: 15.78

Matched TTPs:

T1606.002 - SAML Tokens
T1140 - Deobfuscate/Decode Files or Information
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1552.003 - Shell History
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

Aoqin Dragon

Score: 7.92

Matched TTPs:

T1606.002 - SAML Tokens
T1558 - Steal or Forge Kerberos Tickets
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1218.010 - Regsvr32

MITREへのリンク →

RedCurl

Score: 4.35

Matched TTPs:

T1606.002 - SAML Tokens
T1219.001 - IDE Tunneling
T1591.004 - Identify Roles

MITREへのリンク →

Turla

Score: 30.50

Matched TTPs:

T1606.002 - SAML Tokens
T1063 - Security Software Discovery
T1003.007 - Proc Filesystem
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1608.005 - Link Target
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1218.001 - Compiled HTML File
T1547.002 - Authentication Package
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1556.009 - Conditional Access Policies

MITREへのリンク →

Mustang Panda

Score: 26.00

Matched TTPs:

T1606.002 - SAML Tokens
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1569.001 - Launchctl
T1608.005 - Link Target
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1591.004 - Identify Roles
T1159 - Launch Agent

MITREへのリンク →

FIN7

Score: 29.42

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1588.001 - Malware
T1218.012 - Verclsid
T1584.005 - Botnet
T1608.005 - Link Target
T1057 - Process Discovery
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1547.002 - Authentication Package
T1591.004 - Identify Roles

MITREへのリンク →

Medusa Group

Score: 33.56

Matched TTPs:

T1036.008 - Masquerade File Type
T1140 - Deobfuscate/Decode Files or Information
T1218.003 - CMSTP
T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1552.003 - Shell History
T1608.005 - Link Target
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

Scattered Spider

Score: 51.22

Matched TTPs:

T1685.004 - Disable or Modify Linux Audit System Log
T1566.002 - Spearphishing Link
T1583.001 - Domains
T1547.005 - Security Support Provider
T1019 - System Firmware
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1552.003 - Shell History
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1030 - Data Transfer Size Limits
T1090.004 - Domain Fronting
T1564.003 - Hidden Window
T1027.002 - Software Packing
T1588.005 - Exploits

MITREへのリンク →

Storm-0501

Score: 18.59

Matched TTPs:

T1685.004 - Disable or Modify Linux Audit System Log
T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware
T1552.003 - Shell History
T1027 - Obfuscated Files or Information
T1506 - Web Session Cookie
T1090.004 - Domain Fronting

MITREへのリンク →

FIN6

Score: 15.93

Matched TTPs:

T1063 - Security Software Discovery
T1562 - Impair Defenses
T1588.001 - Malware
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Silent Librarian

Score: 11.10

Matched TTPs:

T1566.002 - Spearphishing Link
T1134.002 - Create Process with Token
T1584.005 - Botnet
T1199 - Trusted Relationship
T1157 - Dylib Hijacking

MITREへのリンク →

ZIRCONIUM

Score: 16.32

Matched TTPs:

T1566.002 - Spearphishing Link
T1558 - Steal or Forge Kerberos Tickets
T1590.006 - Network Security Appliances
T1588.001 - Malware
T1608.005 - Link Target
T1056.002 - GUI Input Capture
T1547.002 - Authentication Package
T1591.004 - Identify Roles

MITREへのリンク →

Star Blizzard

Score: 13.26

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1547.005 - Security Support Provider
T1657 - Financial Theft
T1199 - Trusted Relationship
T1157 - Dylib Hijacking

MITREへのリンク →

CURIUM

Score: 12.89

Matched TTPs:

T1566.002 - Spearphishing Link
T1555.003 - Credentials from Web Browsers
T1175 - Component Object Model and Distributed COM
T1218.001 - Compiled HTML File
T1547.008 - LSASS Driver

MITREへのリンク →

Patchwork

Score: 8.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

HAFNIUM

Score: 29.87

Matched TTPs:

T1027.008 - Stripped Payloads
T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1590.006 - Network Security Appliances
T1218.008 - Odbcconf
T1059 - Command and Scripting Interpreter
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1049 - System Network Connections Discovery
T1608.005 - Link Target
T1591.004 - Identify Roles

MITREへのリンク →

BRONZE BUTLER

Score: 13.85

Matched TTPs:

T1003.007 - Proc Filesystem
T1558 - Steal or Forge Kerberos Tickets
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1218.010 - Regsvr32
T1591.004 - Identify Roles
T1159 - Launch Agent

MITREへのリンク →

Aquatic Panda

Score: 12.71

Matched TTPs:

T1003.007 - Proc Filesystem
T1562.004 - Disable or Modify System Firewall
T1588.001 - Malware
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

Chimera

Score: 13.06

Matched TTPs:

T1003.007 - Proc Filesystem
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles
T1059.003 - Windows Command Shell

MITREへのリンク →

Earth Lusca

Score: 21.19

Matched TTPs:

T1003.007 - Proc Filesystem
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1218.012 - Verclsid
T1608.005 - Link Target
T1199 - Trusted Relationship
T1218.001 - Compiled HTML File

MITREへのリンク →

Volt Typhoon

Score: 47.13

Matched TTPs:

T1003.007 - Proc Filesystem
T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1070.006 - Timestomp
T1547.005 - Security Support Provider
T1555.003 - Credentials from Web Browsers
T1134.002 - Create Process with Token
T1164 - Re-opened Applications
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1219.001 - IDE Tunneling
T1049 - System Network Connections Discovery
T1057 - Process Discovery
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1157 - Dylib Hijacking
T1591.004 - Identify Roles
T1159 - Launch Agent
T1574.002 - DLL Side-Loading

MITREへのリンク →

admin@338

Score: 7.74

Matched TTPs:

T1003.007 - Proc Filesystem
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

APT1

Score: 5.80

Matched TTPs:

T1003.007 - Proc Filesystem
T1590.006 - Network Security Appliances
T1199 - Trusted Relationship
T1591.004 - Identify Roles

MITREへのリンク →

LazyScripter

Score: 9.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1558 - Steal or Forge Kerberos Tickets
T1218.012 - Verclsid
T1608.005 - Link Target
T1591.004 - Identify Roles

MITREへのリンク →

Gamaredon Group

Score: 30.38

Matched TTPs:

T1091 - Replication Through Removable Media
T1045 - Software Packing
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1608.005 - Link Target
T1055.014 - VDSO Hijacking
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture
T1597 - Search Closed Sources
T1547.002 - Authentication Package
T1059.013 - Container CLI/API
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

SideCopy

Score: 14.05

Matched TTPs:

T1091 - Replication Through Removable Media
T1590.006 - Network Security Appliances
T1218.012 - Verclsid
T1657 - Financial Theft
T1506 - Web Session Cookie
T1159 - Launch Agent

MITREへのリンク →

BlackByte

Score: 19.96

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1175 - Component Object Model and Distributed COM
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

EXOTIC LILY

Score: 8.51

Matched TTPs:

T1091 - Replication Through Removable Media
T1134.002 - Create Process with Token
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

APT42

Score: 15.88

Matched TTPs:

T1091 - Replication Through Removable Media
T1583.001 - Domains
T1590.006 - Network Security Appliances
T1175 - Component Object Model and Distributed COM
T1199 - Trusted Relationship
T1030 - Data Transfer Size Limits
T1506 - Web Session Cookie

MITREへのリンク →

Rocke

Score: 11.13

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1597 - Search Closed Sources
T1059.013 - Container CLI/API
T1506 - Web Session Cookie

MITREへのリンク →

BackdoorDiplomacy

Score: 6.18

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1199 - Trusted Relationship

MITREへのリンク →

BlackTech

Score: 3.81

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1199 - Trusted Relationship
T1218.010 - Regsvr32

MITREへのリンク →

Cinnamon Tempest

Score: 9.56

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1045 - Software Packing
T1552.003 - Shell History
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

ToddyCat

Score: 10.49

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1009 - Binary Padding
T1219.001 - IDE Tunneling
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1547.008 - LSASS Driver

MITREへのリンク →

Winter Vivern

Score: 16.74

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1558 - Steal or Forge Kerberos Tickets
T1562.004 - Disable or Modify System Firewall
T1175 - Component Object Model and Distributed COM
T1219.001 - IDE Tunneling
T1588.001 - Malware
T1218.001 - Compiled HTML File
T1591.004 - Identify Roles

MITREへのリンク →

Volatile Cedar

Score: 9.96

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1555.003 - Credentials from Web Browsers
T1002 - Data Compressed

MITREへのリンク →

INC Ransom

Score: 11.36

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1552.003 - Shell History
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1591.004 - Identify Roles

MITREへのリンク →

MuddyWater

Score: 29.76

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1547.011 - Plist Modification
T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1608.005 - Link Target
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.013 - Container CLI/API
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1159 - Launch Agent

MITREへのリンク →

Akira

Score: 12.62

Matched TTPs:

T1137.005 - Outlook Rules
T1552.003 - Shell History
T1597 - Search Closed Sources
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information

MITREへのリンク →

Leafminer

Score: 4.81

Matched TTPs:

T1562 - Impair Defenses
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship

MITREへのリンク →

Stealth Falcon

Score: 7.76

Matched TTPs:

T1562 - Impair Defenses
T1590.006 - Network Security Appliances
T1556.009 - Conditional Access Policies

MITREへのリンク →

Nomadic Octopus

Score: 3.14

Matched TTPs:

T1558 - Steal or Forge Kerberos Tickets
T1591.004 - Identify Roles

MITREへのリンク →

Windshift

Score: 9.35

Matched TTPs:

T1558 - Steal or Forge Kerberos Tickets
T1506 - Web Session Cookie
T1159 - Launch Agent
T1547.008 - LSASS Driver

MITREへのリンク →

MoustachedBouncer

Score: 6.88

Matched TTPs:

T1055.003 - Thread Execution Hijacking
T1045 - Software Packing

MITREへのリンク →

LAPSUS$

Score: 35.13

Matched TTPs:

T1547.005 - Security Support Provider
T1134.002 - Create Process with Token
T1019 - System Firmware
T1193 - Spearphishing Attachment
T1218.008 - Odbcconf
T1045 - Software Packing
T1175 - Component Object Model and Distributed COM
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1030 - Data Transfer Size Limits
T1564.003 - Hidden Window
T1588.005 - Exploits

MITREへのリンク →

Carbanak

Score: 9.11

Matched TTPs:

T1009 - Binary Padding
T1588.001 - Malware
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1547.002 - Authentication Package

MITREへのリンク →

APT38

Score: 20.12

Matched TTPs:

T1009 - Binary Padding
T1555.003 - Credentials from Web Browsers
T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1027 - Obfuscated Files or Information
T1506 - Web Session Cookie
T1493 - Transmitted Data Manipulation
T1591.004 - Identify Roles

MITREへのリンク →

Velvet Ant

Score: 9.57

Matched TTPs:

T1009 - Binary Padding
T1219.001 - IDE Tunneling
T1597 - Search Closed Sources
T1566.003 - Spearphishing via Service

MITREへのリンク →

Deep Panda

Score: 5.05

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1177 - LSASS Driver

MITREへのリンク →

Tonto Team

Score: 6.01

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.011 - Plist Modification
T1218.010 - Regsvr32

MITREへのリンク →

FIN5

Score: 5.02

Matched TTPs:

T1547.011 - Plist Modification
T1199 - Trusted Relationship
T1157 - Dylib Hijacking

MITREへのリンク →

APT3

Score: 11.25

Matched TTPs:

T1547.011 - Plist Modification
T1590.006 - Network Security Appliances
T1177 - LSASS Driver
T1219.001 - IDE Tunneling
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

Silence

Score: 5.97

Matched TTPs:

T1547.011 - Plist Modification
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

Lotus Blossom

Score: 6.36

Matched TTPs:

T1590.006 - Network Security Appliances
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1056.002 - GUI Input Capture

MITREへのリンク →

Naikon

Score: 5.46

Matched TTPs:

T1590.006 - Network Security Appliances
T1588.001 - Malware
T1506 - Web Session Cookie

MITREへのリンク →

CopyKittens

Score: 3.19

Matched TTPs:

T1045 - Software Packing
T1199 - Trusted Relationship

MITREへのリンク →

Windigo

Score: 6.39

Matched TTPs:

T1045 - Software Packing
T1219.001 - IDE Tunneling
T1159 - Launch Agent

MITREへのリンク →

POLONIUM

Score: 9.02

Matched TTPs:

T1045 - Software Packing
T1608.005 - Link Target
T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1547.002 - Authentication Package

MITREへのリンク →

Equation

Score: 4.54

Matched TTPs:

T1589.003 - Employee Names

MITREへのリンク →

Confucius

Score: 7.15

Matched TTPs:

T1219.001 - IDE Tunneling
T1218.012 - Verclsid
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

FIN8

Score: 7.47

Matched TTPs:

T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1027 - Obfuscated Files or Information
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

Cobalt Group

Score: 5.20

Matched TTPs:

T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1506 - Web Session Cookie
T1591.004 - Identify Roles

MITREへのリンク →

FIN10

Score: 3.23

Matched TTPs:

T1199 - Trusted Relationship
T1157 - Dylib Hijacking
T1591.004 - Identify Roles

MITREへのリンク →

Gorgon Group

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1597 - Search Closed Sources
T1591.004 - Identify Roles

MITREへのリンク →

DarkHydrus

Score: 4.98

Matched TTPs:

T1199 - Trusted Relationship
T1531 - Account Access Removal

MITREへのリンク →

FIN4

Score: 4.17

Matched TTPs:

T1056.002 - GUI Input Capture
T1157 - Dylib Hijacking

MITREへのリンク →

Andariel

Score: 5.34

Matched TTPs:

T1187 - Forced Authentication
T1218.010 - Regsvr32

MITREへのリンク →

APT37

Score: 4.85

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1591.004 - Identify Roles

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

The White Company

Score: 3.39

Matched TTPs:

T1218.010 - Regsvr32
T1506 - Web Session Cookie

MITREへのリンク →

Sandworm Team

Score: 0.70

Matched TTPs:

T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1606.002 - SAML Tokens
T1045 - Software Packing
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1187 - Forced Authentication
T1555.003 - Credentials from Web Browsers
T1075 - Pass the Hash
T1063 - Security Software Discovery
T1005 - Data from Local System
T1566.002 - Spearphishing Link
T1564.008 - Email Hiding Rules
T1027 - Obfuscated Files or Information
T1157 - Dylib Hijacking
T1134.002 - Create Process with Token
T1558 - Steal or Forge Kerberos Tickets
T1562.004 - Disable or Modify System Firewall
T1049 - System Network Connections Discovery
T1193 - Spearphishing Attachment
T1547.002 - Authentication Package

MITREへのリンク →

Contagious Interview

Score: 0.64

Matched TTPs:

T1219.001 - IDE Tunneling
T1552.003 - Shell History
T1199 - Trusted Relationship
T1606.002 - SAML Tokens
T1045 - Software Packing
T1091 - Replication Through Removable Media
T1491.002 - External Defacement
T1021.006 - Windows Remote Management
T1547.008 - LSASS Driver
T1591.004 - Identify Roles
T1030 - Data Transfer Size Limits
T1597 - Search Closed Sources
T1218.008 - Odbcconf
T1044 - File System Permissions Weakness
T1558 - Steal or Forge Kerberos Tickets
T1175 - Component Object Model and Distributed COM
T1547.005 - Security Support Provider
T1608.005 - Link Target
T1064 - Scripting
T1016 - System Network Configuration Discovery

MITREへのリンク →

Scattered Spider

Score: 0.63

Matched TTPs:

T1566.002 - Spearphishing Link
T1564.003 - Hidden Window
T1219.001 - IDE Tunneling
T1027.002 - Software Packing
T1552.003 - Shell History
T1199 - Trusted Relationship
T1583.001 - Domains
T1590.006 - Network Security Appliances
T1045 - Software Packing
T1547.005 - Security Support Provider
T1027 - Obfuscated Files or Information
T1030 - Data Transfer Size Limits
T1019 - System Firmware
T1090.004 - Domain Fronting
T1597 - Search Closed Sources
T1685.004 - Disable or Modify Linux Audit System Log
T1157 - Dylib Hijacking
T1588.005 - Exploits

MITREへのリンク →

Kimsuky

Score: 0.63

Matched TTPs:

T1588.001 - Malware
T1219.001 - IDE Tunneling
T1003.007 - Proc Filesystem
T1218.012 - Verclsid
T1057 - Process Discovery
T1552.003 - Shell History
T1199 - Trusted Relationship
T1606.002 - SAML Tokens
T1055.014 - VDSO Hijacking
T1091 - Replication Through Removable Media
T1003.003 - NTDS
T1140 - Deobfuscate/Decode Files or Information
T1506 - Web Session Cookie
T1591.004 - Identify Roles
T1555.003 - Credentials from Web Browsers
T1030 - Data Transfer Size Limits
T1597 - Search Closed Sources
T1566.002 - Spearphishing Link
T1590.006 - Network Security Appliances
T1134.002 - Create Process with Token
T1608.005 - Link Target
T1009 - Binary Padding
T1547.002 - Authentication Package

MITREへのリンク →

Volt Typhoon

Score: 0.58

Matched TTPs:

T1574.002 - DLL Side-Loading
T1219.001 - IDE Tunneling
T1003.007 - Proc Filesystem
T1057 - Process Discovery
T1199 - Trusted Relationship
T1045 - Software Packing
T1070.006 - Timestomp
T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1591.004 - Identify Roles
T1555.003 - Credentials from Web Browsers
T1590.006 - Network Security Appliances
T1157 - Dylib Hijacking
T1164 - Re-opened Applications
T1159 - Launch Agent
T1134.002 - Create Process with Token
T1049 - System Network Connections Discovery
T1056.002 - GUI Input Capture
T1547.005 - Security Support Provider

MITREへのリンク →

APT41

Score: 0.57

Matched TTPs:

T1588.001 - Malware
T1564.003 - Hidden Window
T1219.001 - IDE Tunneling
T1574.002 - DLL Side-Loading
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1045 - Software Packing
T1539 - Steal Web Session Cookie
T1140 - Deobfuscate/Decode Files or Information
T1562 - Impair Defenses
T1591.004 - Identify Roles
T1030 - Data Transfer Size Limits
T1177 - LSASS Driver
T1584.008 - Network Devices
T1027 - Obfuscated Files or Information
T1590.006 - Network Security Appliances
T1002 - Data Compressed
T1157 - Dylib Hijacking
T1562.004 - Disable or Modify System Firewall

MITREへのリンク →

Magic Hound

Score: 0.57

Matched TTPs:

T1588.001 - Malware
T1219.001 - IDE Tunneling
T1199 - Trusted Relationship
T1045 - Software Packing
T1140 - Deobfuscate/Decode Files or Information
T1491.002 - External Defacement
T1187 - Forced Authentication
T1547.008 - LSASS Driver
T1591.004 - Identify Roles
T1555.003 - Credentials from Web Browsers
T1597 - Search Closed Sources
T1566.002 - Spearphishing Link
T1027 - Obfuscated Files or Information
T1590.006 - Network Security Appliances
T1134.002 - Create Process with Token
T1562.004 - Disable or Modify System Firewall
T1547.005 - Security Support Provider
T1098.002 - Additional Email Delegate Permissions
T1608.005 - Link Target
T1009 - Binary Padding
T1547.002 - Authentication Package

MITREへのリンク →

DynoWiper update: Technical analysis

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ