Trusted Design

ClickFix in action: how fake captcha can encrypt an entire company

概要

The report details a malware attack on a large Polish organization involving fake CAPTCHA techniques. It describes the initial infection vector, where users were tricked into running malicious code through a Windows+R shortcut. The analysis covers two main malware families: Latrodectus (version 2.3) and Supper. The report provides technical details on the malware's functionality, communication protocols, and persistence mechanisms. It also includes indicators of compromise, such as C2 server IP addresses and file hashes. The authors emphasize the importance of employee education and monitoring for unusual events to mitigate such threats.

Created: 2026-03-21

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 27.48
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1608 - Stage Capabilities
  • T1203 - Exploitation for Client Execution
  • T1219.002 - Remote Desktop Software
  • T1204.001 - Malicious Link
MITREへのリンク →

Kimsuky

Score: 45.45
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1071.002 - File Transfer Protocols
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1102.002 - Bidirectional Communication
  • T1219.002 - Remote Desktop Software
  • T1204.001 - Malicious Link
MITREへのリンク →

Sea Turtle

Score: 20.08
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583.002 - DNS Server
  • T1114.001 - Local Email Collection
  • T1213.006 - Databases
  • T1190 - Exploit Public-Facing Application
  • T1583.003 - Virtual Private Server
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Contagious Interview

Score: 28.17
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1219.002 - Remote Desktop Software
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN6

Score: 14.47
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1213.006 - Databases
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1134 - Access Token Manipulation
MITREへのリンク →

CopyKittens

Score: 3.15
Matched TTPs:
  • T1560.003 - Archive via Custom Method
MITREへのリンク →

UNC3886

Score: 20.08
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1587.004 - Exploits
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Lotus Blossom

Score: 8.30
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1083 - File and Directory Discovery
  • T1134 - Access Token Manipulation
MITREへのリンク →

Lazarus Group

Score: 28.62
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1110.003 - Password Spraying
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Daggerfly

Score: 3.95
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1204.001 - Malicious Link
MITREへのリンク →

GALLIUM

Score: 4.06
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

APT29

Score: 25.54
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1110.003 - Password Spraying
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1218.005 - Mshta
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN13

Score: 19.23
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1134.003 - Make and Impersonate Token
MITREへのリンク →

Dragonfly

Score: 25.55
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1071.002 - File Transfer Protocols
  • T1187 - Forced Authentication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Ke3chang

Score: 13.82
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1007 - System Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
MITREへのリンク →

Agrius

Score: 10.79
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1110.003 - Password Spraying
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

APT41

Score: 26.13
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1071.002 - File Transfer Protocols
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1213.003 - Code Repositories
  • T1596.005 - Scan Databases
MITREへのリンク →

APT5

Score: 9.21
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
MITREへのリンク →

menuPass

Score: 7.55
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
MITREへのリンク →

Threat Group-3390

Score: 7.53
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Wizard Spider

Score: 10.29
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
MITREへのリンク →

Ember Bear

Score: 21.46
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1110.003 - Password Spraying
  • T1583.003 - Virtual Private Server
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
MITREへのリンク →

Axiom

Score: 12.62
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1583.003 - Virtual Private Server
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

HEXANE

Score: 18.47
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1110.003 - Password Spraying
  • T1589.002 - Email Addresses
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

RedCurl

Score: 12.62
Matched TTPs:
  • T1114.001 - Local Email Collection
  • T1587.001 - Malware
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1204.001 - Malicious Link
MITREへのリンク →

APT1

Score: 5.81
Matched TTPs:
  • T1114.001 - Local Email Collection
  • T1007 - System Service Discovery
MITREへのリンク →

Chimera

Score: 21.52
Matched TTPs:
  • T1114.001 - Local Email Collection
  • T1007 - System Service Discovery
  • T1110.003 - Password Spraying
  • T1083 - File and Directory Discovery
  • T1110.004 - Credential Stuffing
  • T1556.001 - Domain Controller Authentication
  • T1124 - System Time Discovery
MITREへのリンク →

Magic Hound

Score: 27.82
Matched TTPs:
  • T1114.001 - Local Email Collection
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1573 - Encrypted Channel
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
MITREへのリンク →

Winter Vivern

Score: 20.28
Matched TTPs:
  • T1114.001 - Local Email Collection
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1056.003 - Web Portal Capture
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Moonstone Sleet

Score: 13.91
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1583.003 - Virtual Private Server
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Indrik Spider

Score: 11.28
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

OilRig

Score: 27.22
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1556.002 - Password Filter DLL
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1204.001 - Malicious Link
MITREへのリンク →

LuminousMoth

Score: 10.57
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1204.001 - Malicious Link
MITREへのリンク →

Sandworm Team

Score: 31.81
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1555.003 - Credentials from Web Browsers
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 10.44
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall
MITREへのリンク →

Play

Score: 6.66
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Aoqin Dragon

Score: 7.07
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Moses Staff

Score: 5.91
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
MITREへのリンク →

Turla

Score: 25.44
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1007 - System Service Discovery
  • T1584.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery
MITREへのリンク →

TeamTNT

Score: 20.87
Matched TTPs:
  • T1587.001 - Malware
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
MITREへのリンク →

FIN7

Score: 27.29
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1674 - Input Injection
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery
MITREへのリンク →

Medusa Group

Score: 13.79
Matched TTPs:
  • T1652 - Device Driver Discovery
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Scattered Spider

Score: 32.52
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1204 - User Execution
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

Storm-0501

Score: 13.62
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact
  • T1218.010 - Regsvr32
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

Sidewinder

Score: 15.17
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery
MITREへのリンク →

Silent Librarian

Score: 11.57
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1110.003 - Password Spraying
  • T1589.002 - Email Addresses
  • T1608.005 - Link Target
MITREへのリンク →

ZIRCONIUM

Score: 13.05
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1555.003 - Credentials from Web Browsers
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
  • T1124 - System Time Discovery
MITREへのリンク →

APT32

Score: 21.31
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1589 - Gather Victim Identity Information
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

APT28

Score: 17.93
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1110.003 - Password Spraying
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Star Blizzard

Score: 10.98
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

CURIUM

Score: 11.20
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.003 - Virtual Private Server
  • T1584.006 - Web Services
  • T1124 - System Time Discovery
MITREへのリンク →

Patchwork

Score: 8.66
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

HAFNIUM

Score: 14.41
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1110.003 - Password Spraying
  • T1589.002 - Email Addresses
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
MITREへのリンク →

BRONZE BUTLER

Score: 11.89
Matched TTPs:
  • T1007 - System Service Discovery
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Aquatic Panda

Score: 4.32
Matched TTPs:
  • T1007 - System Service Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Earth Lusca

Score: 13.29
Matched TTPs:
  • T1007 - System Service Discovery
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1218.005 - Mshta
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Volt Typhoon

Score: 27.50
Matched TTPs:
  • T1007 - System Service Discovery
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1589.002 - Email Addresses
  • T1083 - File and Directory Discovery
  • T1587.004 - Exploits
  • T1596.005 - Scan Databases
  • T1124 - System Time Discovery
MITREへのリンク →

admin@338

Score: 5.32
Matched TTPs:
  • T1007 - System Service Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Strider

Score: 4.13
Matched TTPs:
  • T1556.002 - Password Filter DLL
MITREへのリンク →

TA2541

Score: 7.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
MITREへのリンク →

Mustard Tempest

Score: 3.33
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link
MITREへのリンク →

LazyScripter

Score: 7.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link
MITREへのリンク →

Gamaredon Group

Score: 26.21
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1102.003 - One-Way Communication
  • T1562.001 - Disable or Modify Tools
  • T1001 - Data Obfuscation
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
MITREへのリンク →

SideCopy

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

TA505

Score: 12.05
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

BlackByte

Score: 20.42
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1583.003 - Virtual Private Server
  • T1491.001 - Internal Defacement
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

BITTER

Score: 7.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Saint Bear

Score: 9.15
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

EXOTIC LILY

Score: 7.35
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

APT42

Score: 6.55
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1583.003 - Virtual Private Server
MITREへのリンク →

Rocke

Score: 5.61
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

BlackTech

Score: 4.32
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Fox Kitten

Score: 8.58
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
MITREへのリンク →

ToddyCat

Score: 5.11
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
MITREへのリンク →

Blue Mockingbird

Score: 8.06
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1218.010 - Regsvr32
  • T1134 - Access Token Manipulation
MITREへのリンク →

Leviathan

Score: 15.05
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102.003 - One-Way Communication
  • T1218.010 - Regsvr32
  • T1587.004 - Exploits
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

INC Ransom

Score: 5.61
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

MuddyWater

Score: 16.73
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

APT39

Score: 6.53
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1102.002 - Bidirectional Communication
  • T1204.001 - Malicious Link
MITREへのリンク →

Akira

Score: 8.68
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Windshift

Score: 3.55
Matched TTPs:
  • T1036 - Masquerading
  • T1204.001 - Malicious Link
MITREへのリンク →

Storm-1811

Score: 11.99
Matched TTPs:
  • T1036 - Masquerading
  • T1486 - Data Encrypted for Impact
  • T1566.004 - Spearphishing Voice
  • T1219.002 - Remote Desktop Software
MITREへのリンク →

TA551

Score: 9.80
Matched TTPs:
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
MITREへのリンク →

PLATINUM

Score: 6.72
Matched TTPs:
  • T1036 - Masquerading
  • T1056.004 - Credential API Hooking
MITREへのリンク →

LAPSUS$

Score: 22.14
Matched TTPs:
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1583.003 - Virtual Private Server
  • T1204 - User Execution
  • T1213.003 - Code Repositories
MITREへのリンク →

Carbanak

Score: 4.74
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

APT38

Score: 11.48
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

Velvet Ant

Score: 5.44
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

APT3

Score: 12.01
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

APT33

Score: 10.18
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1110.003 - Password Spraying
  • T1552.001 - Credentials In Files
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Leafminer

Score: 8.62
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1110.003 - Password Spraying
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
MITREへのリンク →

APT37

Score: 5.94
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Molerats

Score: 3.41
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1204.001 - Malicious Link
MITREへのリンク →

Inception

Score: 9.93
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Deep Panda

Score: 6.03
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1218.010 - Regsvr32
MITREへのリンク →

Tropic Trooper

Score: 6.41
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Darkhotel

Score: 5.38
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Confucius

Score: 6.49
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1071.002 - File Transfer Protocols
MITREへのリンク →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1187 - Forced Authentication
MITREへのリンク →

FIN8

Score: 3.70
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

Cobalt Group

Score: 5.60
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

The White Company

Score: 4.09
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Higaisa

Score: 4.09
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
MITREへのリンク →

Evilnum

Score: 4.29
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1204.001 - Malicious Link
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1552.001 - Credentials In Files
  • T1587.001 - Malware
  • T1102.002 - Bidirectional Communication
  • T1071.002 - File Transfer Protocols
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1589.002 - Email Addresses
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1608.001 - Upload Malware
  • T1219.002 - Remote Desktop Software
  • T1204.001 - Malicious Link
  • T1557 - Adversary-in-the-Middle
  • T1598.003 - Spearphishing Link
  • T1007 - System Service Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1560.003 - Archive via Custom Method
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る