Trusted Design

(Don't) TrustConnect: It's a RAT in an RMM hat

概要

A new malware-as-a-service (MaaS) called TrustConnect has been discovered masquerading as a legitimate remote monitoring and management (RMM) tool. The malware, classified as a remote access trojan (RAT), uses a fake business website as its command and control center and MaaS portal. Priced at $300 per month, it offers features like a web-based C2 dashboard, automated payload generation with digital signatures, and remote desktop capabilities. The malware has been distributed through various email campaigns, often alongside legitimate RMM tools. Proofpoint researchers identified links between TrustConnect's creator and previous users of Redline stealer. The emergence of this new MaaS demonstrates the ongoing evolution of the cybercrime market and the thriving ecosystem of RMM abuse.

Created: 2026-03-21

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 17.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

menuPass

Score: 17.51
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1078 - Valid Accounts
MITREへのリンク →

Wizard Spider

Score: 21.62
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1566.002 - Spearphishing Link
  • T1518.002 - Backup Software Discovery
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
MITREへのリンク →

APT33

Score: 16.15
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Fox Kitten

Score: 16.22
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1039 - Data from Network Shared Drive
  • T1078 - Valid Accounts
MITREへのリンク →

Volt Typhoon

Score: 39.48
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1584.008 - Network Devices
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1584.004 - Server
  • T1518 - Software Discovery
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT1

Score: 10.10
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.002 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1588.001 - Malware
  • T1588.002 - Tool
MITREへのリンク →

Mustang Panda

Score: 36.72
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1095 - Non-Application Layer Protocol
  • T1219.002 - Remote Desktop Software
  • T1518 - Software Discovery
MITREへのリンク →

Play

Score: 14.52
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
MITREへのリンク →

Chimera

Score: 13.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
MITREへのリンク →

Sea Turtle

Score: 20.62
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583 - Acquire Infrastructure
  • T1583.002 - DNS Server
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT39

Score: 17.67
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy
MITREへのリンク →

RedCurl

Score: 21.46
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1056.002 - GUI Input Capture
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

APT5

Score: 10.80
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
MITREへのリンク →

Agrius

Score: 12.67
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583 - Acquire Infrastructure
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

GALLIUM

Score: 9.40
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

APT41

Score: 42.22
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1599 - Network Boundary Bridging
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1480.001 - Environmental Keying
MITREへのリンク →

MuddyWater

Score: 32.36
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1555 - Credentials from Password Stores
  • T1219 - Remote Access Tools
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

APT28

Score: 38.21
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1039 - Data from Network Shared Drive
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
MITREへのリンク →

Turla

Score: 38.85
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1584.003 - Virtual Private Server
  • T1016 - System Network Configuration Discovery
  • T1588.001 - Malware
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1090.001 - Internal Proxy
MITREへのリンク →

Sowbug

Score: 5.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1083 - File and Directory Discovery
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

BRONZE BUTLER

Score: 16.76
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1039 - Data from Network Shared Drive
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
MITREへのリンク →

UNC3886

Score: 29.65
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1203 - Exploitation for Client Execution
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

Kimsuky

Score: 55.48
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1656 - Impersonation
  • T1219.002 - Remote Desktop Software
  • T1588.005 - Exploits
MITREへのリンク →

APT3

Score: 18.93
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.002 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1095 - Non-Application Layer Protocol
  • T1036.010 - Masquerade Account Name
MITREへのリンク →

FIN8

Score: 10.18
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Ke3chang

Score: 19.92
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Lotus Blossom

Score: 11.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1134 - Access Token Manipulation
  • T1090.001 - Internal Proxy
MITREへのリンク →

FIN13

Score: 30.61
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1134.003 - Make and Impersonate Token
  • T1588.002 - Tool
  • T1556 - Modify Authentication Process
  • T1090.001 - Internal Proxy
MITREへのリンク →

Earth Lusca

Score: 23.83
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

Magic Hound

Score: 43.48
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Aquatic Panda

Score: 6.70
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

INC Ransom

Score: 17.88
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Akira

Score: 16.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1558 - Steal or Forge Kerberos Tickets
  • T1219 - Remote Access Tools
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

ToddyCat

Score: 11.89
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1095 - Non-Application Layer Protocol
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Ember Bear

Score: 29.81
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1003.002 - Security Account Manager
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1095 - Non-Application Layer Protocol
  • T1588.005 - Exploits
MITREへのリンク →

Indrik Spider

Score: 15.81
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1584.004 - Server
MITREへのリンク →

Contagious Interview

Score: 46.27
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1656 - Impersonation
  • T1219.002 - Remote Desktop Software
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Sandworm Team

Score: 57.25
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1036 - Masquerading
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server
MITREへのリンク →

Star Blizzard

Score: 18.58
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Inception

Score: 14.90
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Dark Caracal

Score: 7.18
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Elderwood

Score: 6.30
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Darkhotel

Score: 7.62
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Transparent Tribe

Score: 9.33
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT18

Score: 4.32
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
MITREへのリンク →

Leviathan

Score: 32.97
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

Sidewinder

Score: 21.76
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Lazarus Group

Score: 38.52
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Saint Bear

Score: 11.90
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
MITREへのリンク →

BITTER

Score: 8.58
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

TA505

Score: 14.51
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Higaisa

Score: 7.49
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1203 - Exploitation for Client Execution
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT19

Score: 5.68
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
MITREへのリンク →

Threat Group-3390

Score: 21.80
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

TA2541

Score: 14.47
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Malteiro

Score: 8.84
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1657 - Financial Theft
MITREへのリンク →

Storm-1811

Score: 25.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1036 - Masquerading
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1566.004 - Spearphishing Voice
  • T1656 - Impersonation
  • T1036.010 - Masquerade Account Name
  • T1219.002 - Remote Desktop Software
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Blue Mockingbird

Score: 7.76
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1134 - Access Token Manipulation
MITREへのリンク →

Tropic Trooper

Score: 11.89
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Mofang

Score: 3.04
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
MITREへのリンク →

Moses Staff

Score: 9.82
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
MITREへのリンク →

TeamTNT

Score: 23.49
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1608.001 - Upload Malware
  • T1219 - Remote Access Tools
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Metador

Score: 7.57
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

Putter Panda

Score: 3.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

OilRig

Score: 42.84
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1556.002 - Password Filter DLL
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1555 - Credentials from Password Stores
  • T1219 - Remote Access Tools
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1555.004 - Windows Credential Manager
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT32

Score: 29.37
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Moonstone Sleet

Score: 16.74
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

ZIRCONIUM

Score: 17.65
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Mustard Tempest

Score: 12.76
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
MITREへのリンク →

Daggerfly

Score: 7.19
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

APT29

Score: 25.38
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1218.005 - Mshta
  • T1021.007 - Cloud Services
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 30.27
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
MITREへのリンク →

Axiom

Score: 20.19
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

HEXANE

Score: 26.84
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1555 - Credentials from Password Stores
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1518 - Software Discovery
MITREへのリンク →

LuminousMoth

Score: 17.00
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1588.002 - Tool
MITREへのリンク →

Salt Typhoon

Score: 13.41
Matched TTPs:
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool
MITREへのリンク →

Aoqin Dragon

Score: 7.92
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

FIN7

Score: 34.70
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1562.004 - Disable or Modify System Firewall
  • T1674 - Input Injection
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Scattered Spider

Score: 54.27
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1016 - System Network Configuration Discovery
  • T1588.001 - Malware
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1021.007 - Cloud Services
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
  • T1219.002 - Remote Desktop Software
  • T1538 - Cloud Service Dashboard
MITREへのリンク →

Storm-0501

Score: 17.24
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1021.007 - Cloud Services
  • T1486 - Data Encrypted for Impact
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

BlackTech

Score: 5.26
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Confucius

Score: 8.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Machete

Score: 3.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
MITREへのリンク →

Evilnum

Score: 7.04
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1555 - Credentials from Password Stores
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

EXOTIC LILY

Score: 12.25
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1102 - Web Service
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Molerats

Score: 3.50
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
MITREへのリンク →

Windshift

Score: 10.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Cobalt Group

Score: 10.51
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1219 - Remote Access Tools
  • T1218.003 - CMSTP
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

FIN4

Score: 7.00
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1056.002 - GUI Input Capture
  • T1078 - Valid Accounts
MITREへのリンク →

Patchwork

Score: 11.37
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

LazyScripter

Score: 14.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
MITREへのリンク →

APT42

Score: 19.77
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1070.008 - Clear Mailbox Data
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1656 - Impersonation
MITREへのリンク →

Rocke

Score: 11.75
Matched TTPs:
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Silent Librarian

Score: 10.86
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

CURIUM

Score: 15.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Velvet Ant

Score: 11.40
Matched TTPs:
  • T1040 - Network Sniffing
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1090.001 - Internal Proxy
MITREへのリンク →

DarkVishnya

Score: 6.48
Matched TTPs:
  • T1040 - Network Sniffing
  • T1219 - Remote Access Tools
  • T1588.002 - Tool
MITREへのリンク →

Strider

Score: 7.06
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1090.001 - Internal Proxy
MITREへのリンク →

Gamaredon Group

Score: 36.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1001 - Data Obfuscation
  • T1039 - Data from Network Shared Drive
  • T1102.002 - Bidirectional Communication
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

SideCopy

Score: 12.15
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery
MITREへのリンク →

BlackByte

Score: 19.54
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

BackdoorDiplomacy

Score: 7.44
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1095 - Non-Application Layer Protocol
MITREへのリンク →

GOLD SOUTHFIELD

Score: 7.35
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1566 - Phishing
MITREへのリンク →

Medusa Group

Score: 34.70
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1608.002 - Upload Tool
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Cinnamon Tempest

Score: 6.27
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Winter Vivern

Score: 18.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1056.003 - Web Portal Capture
  • T1020 - Automated Exfiltration
  • T1083 - File and Directory Discovery
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
MITREへのリンク →

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

Leafminer

Score: 8.63
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
MITREへのリンク →

Stealth Falcon

Score: 9.81
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1016 - System Network Configuration Discovery
  • T1555.004 - Windows Credential Manager
MITREへのリンク →

FIN6

Score: 20.35
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1555.003 - Credentials from Web Browsers
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1095 - Non-Application Layer Protocol
  • T1134 - Access Token Manipulation
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Carbanak

Score: 9.60
Matched TTPs:
  • T1219 - Remote Access Tools
  • T1562.004 - Disable or Modify System Firewall
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

TA551

Score: 4.53
Matched TTPs:
  • T1036 - Masquerading
  • T1218.005 - Mshta
MITREへのリンク →

PLATINUM

Score: 6.62
Matched TTPs:
  • T1036 - Masquerading
  • T1095 - Non-Application Layer Protocol
  • T1189 - Drive-by Compromise
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection
MITREへのリンク →

LAPSUS$

Score: 28.30
Matched TTPs:
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1598.004 - Spearphishing Voice
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1656 - Impersonation
  • T1213.003 - Code Repositories
MITREへのリンク →

APT38

Score: 16.35
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1189 - Drive-by Compromise
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

APT37

Score: 11.33
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Ajax Security Team

Score: 4.58
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

admin@338

Score: 4.26
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Deep Panda

Score: 3.29
Matched TTPs:
  • T1546.008 - Accessibility Features
MITREへのリンク →

Andariel

Score: 9.56
Matched TTPs:
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
MITREへのリンク →

Windigo

Score: 5.81
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
  • T1518 - Software Discovery
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
MITREへのリンク →

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

POLONIUM

Score: 6.68
Matched TTPs:
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Thrip

Score: 3.78
Matched TTPs:
  • T1588.002 - Tool
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RTM

Score: 4.69
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1189 - Drive-by Compromise
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1480.001 - Environmental Keying
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.70
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1499 - Endpoint Denial of Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1592.002 - Software
  • T1195 - Supply Chain Compromise
  • T1040 - Network Sniffing
  • T1555.003 - Credentials from Web Browsers
  • T1566.002 - Spearphishing Link
  • T1583 - Acquire Infrastructure
  • T1584.004 - Server
  • T1203 - Exploitation for Client Execution
  • T1584.005 - Botnet
  • T1598.003 - Spearphishing Link
  • T1491.002 - External Defacement
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1219 - Remote Access Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Kimsuky

Score: 0.68
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1656 - Impersonation
  • T1588.002 - Tool
  • T1219.002 - Remote Desktop Software
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1040 - Network Sniffing
  • T1566 - Phishing
  • T1534 - Internal Spearphishing
  • T1555.003 - Credentials from Web Browsers
  • T1566.002 - Spearphishing Link
  • T1583 - Acquire Infrastructure
  • T1588.005 - Exploits
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1598.003 - Spearphishing Link
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1587.001 - Malware
  • T1560.001 - Archive via Utility
  • T1585.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

Scattered Spider

Score: 0.66
Matched TTPs:
  • T1656 - Impersonation
  • T1588.002 - Tool
  • T1589 - Gather Victim Identity Information
  • T1219.002 - Remote Desktop Software
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1538 - Cloud Service Dashboard
  • T1598.004 - Spearphishing Voice
  • T1016 - System Network Configuration Discovery
  • T1657 - Financial Theft
  • T1598.003 - Spearphishing Link
  • T1484.002 - Trust Modification
  • T1213.003 - Code Repositories
  • T1083 - File and Directory Discovery
  • T1204 - User Execution
  • T1588.001 - Malware
  • T1486 - Data Encrypted for Impact
  • T1021.007 - Cloud Services
  • T1070.008 - Clear Mailbox Data
MITREへのリンク →

Contagious Interview

Score: 0.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1656 - Impersonation
  • T1083 - File and Directory Discovery
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1657 - Financial Theft
  • T1589 - Gather Victim Identity Information
  • T1219.002 - Remote Desktop Software
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service
  • T1583.006 - Web Services
  • T1204.004 - Malicious Copy and Paste
  • T1583 - Acquire Infrastructure
  • T1027.013 - Encrypted/Encoded File
  • T1588.007 - Artificial Intelligence
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る