Trusted Design

Henry IV, Hotspur, Hal, and hallucinations

Summary

This article draws parallels between Shakespeare's Henry IV and modern cybersecurity challenges, particularly focusing on the adoption of AI. It emphasizes the importance of taking calculated risks, learning from failures, and surrounding oneself with knowledgeable peers. The piece also highlights a new campaign by UAT-10027 using the 'Dohdoor' backdoor, which leverages DNS-over-HTTPS for stealthy communications and targets education and healthcare sectors in the US. The author encourages security teams to stay vigilant, update detection tools, and monitor for unusual activities to combat sophisticated threats.

Created: 2026-02-27

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

APT28

Score: 25.39
Matched TTPs:
  • T1110.001 - Password Guessing
  • T1542.003 - Bootkit
  • T1598.003 - Spearphishing Link
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

APT29

Score: 33.99
Matched TTPs:
  • T1110.001 - Password Guessing
  • T1003.002 - Security Account Manager
  • T1546.008 - Accessibility Features
  • T1550.003 - Pass the Ticket
  • T1218.005 - Mshta
  • T1021.007 - Cloud Services
  • T1583.006 - Web Services
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1027.006 - HTML Smuggling
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

LAPSUS$

Score: 39.05
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1584.002 - DNS Server
  • T1591.004 - Identify Roles
  • T1213.003 - Code Repositories
  • T1111 - Multi-Factor Authentication Interception
  • T1213.005 - Messaging Applications

Contagious Interview

Score: 31.22
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 3.95
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1204.001 - Malicious Link

GALLIUM

Score: 4.97
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

FIN13

Score: 10.30
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1589 - Gather Victim Identity Information
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1059.003 - Windows Command Shell

Dragonfly

Score: 20.84
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1562.004 - Disable or Modify System Firewall
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1071.002 - File Transfer Protocols
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Ke3chang

Score: 10.12
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Agrius

Score: 5.34
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell

APT41

Score: 40.78
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1542.003 - Bootkit
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1071.002 - File Transfer Protocols
  • T1059.004 - Unix Shell
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1059.003 - Windows Command Shell
  • T1596.005 - Scan Databases
  • T1480.001 - Environmental Keying

APT5

Score: 8.69
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell

menuPass

Score: 6.27
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Threat Group-3390

Score: 9.04
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell

Wizard Spider

Score: 12.67
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Ember Bear

Score: 9.44
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.003 - Virtual Private Server
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools

Sea Turtle

Score: 14.76
Matched TTPs:
  • T1583.002 - DNS Server
  • T1583.003 - Virtual Private Server
  • T1059.004 - Unix Shell
  • T1078 - Valid Accounts
  • T1584.002 - DNS Server

Axiom

Score: 14.70
Matched TTPs:
  • T1583.002 - DNS Server
  • T1546.008 - Accessibility Features
  • T1583.003 - Virtual Private Server
  • T1584.005 - Botnet
  • T1078 - Valid Accounts

HEXANE

Score: 18.74
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1534 - Internal Spearphishing
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery

Lazarus Group

Score: 21.82
Matched TTPs:
  • T1542.003 - Bootkit
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Medusa Group

Score: 16.71
Matched TTPs:
  • T1652 - Device Driver Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

Scattered Spider

Score: 41.84
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1021.007 - Cloud Services
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories
  • T1213.005 - Messaging Applications

Storm-0501

Score: 13.06
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1021.007 - Cloud Services
  • T1486 - Data Encrypted for Impact
  • T1218.010 - Regsvr32

Sidewinder

Score: 13.83
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link

Mustang Panda

Score: 15.14
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link

Sandworm Team

Score: 25.20
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1499 - Endpoint Denial of Service
  • T1204.001 - Malicious Link

Silent Librarian

Score: 7.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 8.88
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

APT32

Score: 24.01
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1550.003 - Pass the Ticket
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1068 - Exploitation for Privilege Escalation
  • T1218.010 - Regsvr32
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Kimsuky

Score: 35.96
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1071.002 - File Transfer Protocols
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1059.003 - Windows Command Shell
  • T1111 - Multi-Factor Authentication Interception
  • T1204.001 - Malicious Link

Magic Hound

Score: 26.20
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Star Blizzard

Score: 12.41
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
  • T1078 - Valid Accounts

Moonstone Sleet

Score: 15.10
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.003 - Virtual Private Server
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 11.13
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.003 - Virtual Private Server
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 6.07
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

HAFNIUM

Score: 16.35
Matched TTPs:
  • T1583.005 - Botnet
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell

TA2541

Score: 9.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link

Earth Lusca

Score: 13.65
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

LuminousMoth

Score: 8.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 3.33
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link

OilRig

Score: 15.19
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

TeamTNT

Score: 13.72
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell

LazyScripter

Score: 8.64
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Gamaredon Group

Score: 20.22
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

SideCopy

Score: 10.68
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery

TA505

Score: 10.95
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

BlackByte

Score: 15.45
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1583.003 - Virtual Private Server
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

BITTER

Score: 4.07
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1068 - Exploitation for Privilege Escalation

Saint Bear

Score: 8.10
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

FIN7

Score: 25.50
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1591.004 - Identify Roles
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

EXOTIC LILY

Score: 5.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

APT42

Score: 8.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.003 - Virtual Private Server
  • T1111 - Multi-Factor Authentication Interception

Akira

Score: 10.10
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

MuddyWater

Score: 19.17
Matched TTPs:
  • T1218.003 - CMSTP
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link

Cobalt Group

Score: 11.29
Matched TTPs:
  • T1218.003 - CMSTP
  • T1068 - Exploitation for Privilege Escalation
  • T1218.010 - Regsvr32
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Salt Typhoon

Score: 6.88
Matched TTPs:
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall

Volt Typhoon

Score: 35.13
Matched TTPs:
  • T1589 - Gather Victim Identity Information
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1059.004 - Unix Shell
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1587.004 - Exploits
  • T1591.004 - Identify Roles
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases

Carbanak

Score: 3.77
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1078 - Valid Accounts

Rocke

Score: 6.97
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools

ToddyCat

Score: 7.12
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 20.72
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1587.004 - Exploits
  • T1059.003 - Windows Command Shell

APT38

Score: 16.97
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1565.002 - Transmitted Data Manipulation
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Velvet Ant

Score: 8.27
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools

APT3

Score: 9.42
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Deep Panda

Score: 6.03
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1218.010 - Regsvr32

Fox Kitten

Score: 15.67
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell
  • T1213.005 - Messaging Applications

Turla

Score: 15.48
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Blue Mockingbird

Score: 6.04
Matched TTPs:
  • T1090 - Proxy
  • T1218.010 - Regsvr32
  • T1059.003 - Windows Command Shell

Cinnamon Tempest

Score: 4.72
Matched TTPs:
  • T1090 - Proxy
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

MoustachedBouncer

Score: 4.44
Matched TTPs:
  • T1090 - Proxy
  • T1068 - Exploitation for Privilege Escalation

Windigo

Score: 6.39
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1518 - Software Discovery

POLONIUM

Score: 5.78
Matched TTPs:
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1078 - Valid Accounts

Winter Vivern

Score: 9.76
Matched TTPs:
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1584.006 - Web Services
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

BRONZE BUTLER

Score: 10.64
Matched TTPs:
  • T1550.003 - Pass the Ticket
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

Inception

Score: 9.13
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1518 - Software Discovery

RedCurl

Score: 6.14
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

Chimera

Score: 11.84
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1110.004 - Credential Stuffing
  • T1059.003 - Windows Command Shell
  • T1111 - Multi-Factor Authentication Interception

Tropic Trooper

Score: 5.00
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1518 - Software Discovery

Dark Caracal

Score: 4.78
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

APT39

Score: 4.08
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link

Play

Score: 5.48
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Confucius

Score: 7.01
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

APT18

Score: 3.68
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1059.003 - Windows Command Shell

Leafminer

Score: 3.82
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files

APT33

Score: 7.40
Matched TTPs:
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1204.001 - Malicious Link

Indrik Spider

Score: 9.04
Matched TTPs:
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

TA551

Score: 6.04
Matched TTPs:
  • T1218.005 - Mshta
  • T1218.010 - Regsvr32
  • T1059.003 - Windows Command Shell

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1071.002 - File Transfer Protocols

Leviathan

Score: 13.00
Matched TTPs:
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1218.010 - Regsvr32
  • T1587.004 - Exploits
  • T1204.001 - Malicious Link

Aquatic Panda

Score: 5.58
Matched TTPs:
  • T1059.004 - Unix Shell
  • T1562.001 - Disable or Modify Tools
  • T1059.003 - Windows Command Shell

INC Ransom

Score: 6.52
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell

FIN6

Score: 8.79
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

FIN8

Score: 8.18
Matched TTPs:
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1059.003 - Windows Command Shell
  • T1204.001 - Malicious Link

APT37

Score: 5.09
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1059.003 - Windows Command Shell

Windshift

Score: 10.76
Matched TTPs:
  • T1036.001 - Invalid Code Signature
  • T1518 - Software Discovery
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Storm-1811

Score: 10.36
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1667 - Email Bombing
  • T1059.003 - Windows Command Shell
  • T1566.003 - Spearphishing via Service

Andariel

Score: 3.84
Matched TTPs:
  • T1592.002 - Software

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1595.003 - Wordlist Scanning

Equation

Score: 8.26
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1480.001 - Environmental Keying

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

Scattered Spider

Score: 0.70
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1059.004 - Unix Shell
  • T1213.005 - Messaging Applications
  • T1068 - Exploitation for Privilege Escalation
  • T1078 - Valid Accounts
  • T1090 - Proxy
  • T1562.001 - Disable or Modify Tools
  • T1484.002 - Trust Modification
  • T1589 - Gather Victim Identity Information
  • T1552.001 - Credentials In Files
  • T1083 - File and Directory Discovery
  • T1598.003 - Spearphishing Link
  • T1021.007 - Cloud Services
  • T1213.003 - Code Repositories
  • T1486 - Data Encrypted for Impact

APT41

Score: 0.68
Matched TTPs:
  • T1059.004 - Unix Shell
  • T1078 - Valid Accounts
  • T1071.002 - File Transfer Protocols
  • T1596.005 - Scan Databases
  • T1090 - Proxy
  • T1542.003 - Bootkit
  • T1546.008 - Accessibility Features
  • T1480.001 - Environmental Keying
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell
  • T1003.002 - Security Account Manager
  • T1213.003 - Code Repositories
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning

LAPSUS$

Score: 0.65
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1213.005 - Messaging Applications
  • T1068 - Exploitation for Privilege Escalation
  • T1597.002 - Purchase Technical Data
  • T1078 - Valid Accounts
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1589 - Gather Victim Identity Information
  • T1591.004 - Identify Roles
  • T1111 - Multi-Factor Authentication Interception
  • T1584.002 - DNS Server
  • T1213.003 - Code Repositories

Kimsuky

Score: 0.60
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1218.005 - Mshta
  • T1591 - Gather Victim Org Information
  • T1562.004 - Disable or Modify System Firewall
  • T1534 - Internal Spearphishing
  • T1071.002 - File Transfer Protocols
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1552.001 - Credentials In Files
  • T1083 - File and Directory Discovery
  • T1598.003 - Spearphishing Link
  • T1111 - Multi-Factor Authentication Interception
  • T1059.003 - Windows Command Shell
  • T1608.001 - Upload Malware

Volt Typhoon

Score: 0.59
Matched TTPs:
  • T1059.004 - Unix Shell
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1068 - Exploitation for Privilege Escalation
  • T1078 - Valid Accounts
  • T1596.005 - Scan Databases
  • T1587.004 - Exploits
  • T1090 - Proxy
  • T1589 - Gather Victim Identity Information
  • T1591.004 - Identify Roles
  • T1518 - Software Discovery
  • T1083 - File and Directory Discovery
  • T1059.003 - Windows Command Shell

APT29

Score: 0.57
Matched TTPs:
  • T1218.005 - Mshta
  • T1068 - Exploitation for Privilege Escalation
  • T1078 - Valid Accounts
  • T1550.003 - Pass the Ticket
  • T1546.008 - Accessibility Features
  • T1027.006 - HTML Smuggling
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1566.003 - Spearphishing via Service
  • T1021.007 - Cloud Services
  • T1110.001 - Password Guessing
  • T1003.002 - Security Account Manager

Related CVEs

No CVEs were found for this Pulse.
