Trusted Design

Abusing .arpa: The TLD That Isn't Supposed to Host Anything

概要

Threat actors have discovered a novel method to bypass security controls by abusing the .arpa top-level domain (TLD) in conjunction with IPv6 tunnels. They are exploiting a feature in DNS record management of certain providers to add IP address records for .arpa domains, allowing them to host phishing content on domains that should not resolve to an IP address. The phishing campaigns use spam emails impersonating major brands, with hyperlinked images leading to malicious websites through traffic distribution systems. This technique weaponizes trusted infrastructure essential for network operations, making it challenging for security tools to detect suspicious domains based on reputation, registration information, or policy blocklists.

Created: 2026-02-27

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 37.52
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1596.001 - DNS/Passive DNS
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1569.001 - Launchctl
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1218.010 - Regsvr32
MITREへのリンク →

Kimsuky

Score: 87.91
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1033 - System Owner/User Discovery
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1152 - Launchctl
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1546.008 - Accessibility Features
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1051 - Shared Webroot
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1055.014 - VDSO Hijacking
  • T1102.003 - One-Way Communication
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1597 - Search Closed Sources
  • T1547.002 - Authentication Package
  • T1030 - Data Transfer Size Limits
  • T1197 - BITS Jobs
  • T1656 - Impersonation
  • T1008 - Fallback Channels
  • T1053.002 - At
MITREへのリンク →

Sea Turtle

Score: 31.87
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1033 - System Owner/User Discovery
  • T1596.001 - DNS/Passive DNS
  • T1499.003 - Application Exhaustion Flood
  • T1063 - Security Software Discovery
  • T1098.007 - Additional Local or Domain Groups
  • T1175 - Component Object Model and Distributed COM
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
  • T1137.004 - Outlook Home Page
MITREへのリンク →

Ember Bear

Score: 24.28
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1175 - Component Object Model and Distributed COM
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1656 - Impersonation
  • T1519 - Emond
MITREへのリンク →

Indrik Spider

Score: 22.37
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1183 - Image File Execution Options Injection
  • T1051 - Shared Webroot
  • T1552.008 - Chat Messages
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1166 - Setuid and Setgid
  • T1546.016 - Installer Packages
MITREへのリンク →

Agrius

Score: 9.71
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1584.008 - Network Devices
  • T1597 - Search Closed Sources
  • T1166 - Setuid and Setgid
MITREへのリンク →

Contagious Interview

Score: 47.20
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1044 - File System Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1021.006 - Windows Remote Management
  • T1183 - Image File Execution Options Injection
  • T1045 - Software Packing
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1597 - Search Closed Sources
  • T1030 - Data Transfer Size Limits
  • T1656 - Impersonation
  • T1059.006 - Python
  • T1547.008 - LSASS Driver
MITREへのリンク →

Sandworm Team

Score: 74.98
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1114 - Email Collection
  • T1063 - Security Software Discovery
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1193 - Spearphishing Attachment
  • T1045 - Software Packing
  • T1546.008 - Accessibility Features
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1187 - Forced Authentication
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1166 - Setuid and Setgid
  • T1075 - Pass the Hash
  • T1546.016 - Installer Packages
  • T1111 - Multi-Factor Authentication Interception
MITREへのリンク →

Star Blizzard

Score: 25.20
Matched TTPs:
  • T1033 - System Owner/User Discovery
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1657 - Financial Theft
  • T1102.003 - One-Way Communication
  • T1157 - Dylib Hijacking
MITREへのリンク →

Volt Typhoon

Score: 65.99
Matched TTPs:
  • T1148 - HISTCONTROL
  • T1685.001 - Disable or Modify Windows Event Log
  • T1114 - Email Collection
  • T1553.002 - Code Signing
  • T1176 - Software Extensions
  • T1547.005 - Security Support Provider
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1049 - System Network Connections Discovery
  • T1057 - Process Discovery
  • T1552.008 - Chat Messages
  • T1102.003 - One-Way Communication
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1166 - Setuid and Setgid
  • T1065 - Uncommonly Used Port
  • T1546.016 - Installer Packages
  • T1574.002 - DLL Side-Loading
MITREへのリンク →

Andariel

Score: 10.92
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1055.004 - Asynchronous Procedure Call
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
MITREへのリンク →

Magic Hound

Score: 62.35
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1504 - PowerShell Profile
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1187 - Forced Authentication
  • T1592.003 - Firmware
  • T1547.002 - Authentication Package
  • T1166 - Setuid and Setgid
  • T1098.002 - Additional Email Delegate Permissions
  • T1547.008 - LSASS Driver
  • T1053.002 - At
MITREへのリンク →

HAFNIUM

Score: 31.62
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1027.008 - Stripped Payloads
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1059 - Command and Scripting Interpreter
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1049 - System Network Connections Discovery
  • T1608.005 - Link Target
  • T1552.008 - Chat Messages
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

APT41

Score: 49.01
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
  • T1041 - Exfiltration Over C2 Channel
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1002 - Data Compressed
  • T1030 - Data Transfer Size Limits
  • T1564.003 - Hidden Window
  • T1574.002 - DLL Side-Loading
  • T1008 - Fallback Channels
MITREへのリンク →

TA551

Score: 9.00
Matched TTPs:
  • T1539 - Steal Web Session Cookie
  • T1134.002 - Create Process with Token
  • T1218.012 - Verclsid
MITREへのリンク →

APT28

Score: 45.38
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1566.002 - Spearphishing Link
  • T1583.005 - Botnet
  • T1024 - Custom Cryptographic Protocol
  • T1098.007 - Additional Local or Domain Groups
  • T1152 - Launchctl
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1592.003 - Firmware
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1197 - BITS Jobs
  • T1146 - Clear Command History
MITREへのリンク →

ZIRCONIUM

Score: 26.69
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1588.001 - Malware
  • T1608.005 - Link Target
  • T1039 - Data from Network Shared Drive
  • T1547.002 - Authentication Package
  • T1197 - BITS Jobs
  • T1608.006 - SEO Poisoning
MITREへのリンク →

Leviathan

Score: 36.46
Matched TTPs:
  • T1685.001 - Disable or Modify Windows Event Log
  • T1484.002 - Trust Modification
  • T1543.003 - Windows Service
  • T1024 - Custom Cryptographic Protocol
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1157 - Dylib Hijacking
  • T1488 - Disk Content Wipe
  • T1592.003 - Firmware
  • T1218.010 - Regsvr32
  • T1546.016 - Installer Packages
MITREへのリンク →

Mustard Tempest

Score: 14.28
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1053.002 - At
MITREへのリンク →

Daggerfly

Score: 5.43
Matched TTPs:
  • T1584.008 - Network Devices
  • T1546.016 - Installer Packages
MITREへのリンク →

GALLIUM

Score: 7.22
Matched TTPs:
  • T1584.008 - Network Devices
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
MITREへのリンク →

APT29

Score: 43.47
Matched TTPs:
  • T1584.008 - Network Devices
  • T1543.003 - Windows Service
  • T1202 - Indirect Command Execution
  • T1024 - Custom Cryptographic Protocol
  • T1177 - LSASS Driver
  • T1568 - Dynamic Resolution
  • T1218.012 - Verclsid
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
  • T1218.009 - Regsvcs/Regasm
  • T1608.006 - SEO Poisoning
  • T1547.008 - LSASS Driver
MITREへのリンク →

FIN13

Score: 18.49
Matched TTPs:
  • T1584.008 - Network Devices
  • T1553.002 - Code Signing
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
MITREへのリンク →

Dragonfly

Score: 38.21
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1193 - Spearphishing Attachment
  • T1590.006 - Network Security Appliances
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1657 - Financial Theft
  • T1041 - Exfiltration Over C2 Channel
  • T1157 - Dylib Hijacking
  • T1531 - Account Access Removal
  • T1218.010 - Regsvr32
  • T1546.016 - Installer Packages
MITREへのリンク →

Ke3chang

Score: 15.11
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1027.008 - Stripped Payloads
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
MITREへのリンク →

APT5

Score: 11.76
Matched TTPs:
  • T1584.008 - Network Devices
  • T1027.008 - Stripped Payloads
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1166 - Setuid and Setgid
MITREへのリンク →

menuPass

Score: 10.04
Matched TTPs:
  • T1584.008 - Network Devices
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
MITREへのリンク →

Threat Group-3390

Score: 17.33
Matched TTPs:
  • T1584.008 - Network Devices
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

Wizard Spider

Score: 23.56
Matched TTPs:
  • T1584.008 - Network Devices
  • T1543.003 - Windows Service
  • T1038 - DLL Search Order Hijacking
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1166 - Setuid and Setgid
  • T1556.009 - Conditional Access Policies
MITREへのリンク →

Silent Librarian

Score: 24.34
Matched TTPs:
  • T1114 - Email Collection
  • T1596.001 - DNS/Passive DNS
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1546.008 - Accessibility Features
  • T1584.005 - Botnet
  • T1157 - Dylib Hijacking
MITREへのリンク →

EXOTIC LILY

Score: 17.05
Matched TTPs:
  • T1114 - Email Collection
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1218.010 - Regsvr32
  • T1547.008 - LSASS Driver
MITREへのリンク →

TA578

Score: 5.30
Matched TTPs:
  • T1114 - Email Collection
  • T1608.005 - Link Target
MITREへのリンク →

Lazarus Group

Score: 47.44
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1606.001 - Web Cookies
  • T1057 - Process Discovery
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1546.016 - Installer Packages
  • T1547.008 - LSASS Driver
  • T1216 - System Script Proxy Execution
MITREへのリンク →

UNC3886

Score: 31.25
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1689 - Downgrade Attack
  • T1583.005 - Botnet
  • T1009 - Binary Padding
  • T1021.006 - Windows Remote Management
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1218.010 - Regsvr32
MITREへのリンク →

LuminousMoth

Score: 14.75
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1584.005 - Botnet
MITREへのリンク →

BlackTech

Score: 6.09
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1543.003 - Windows Service
  • T1218.010 - Regsvr32
MITREへのリンク →

Axiom

Score: 19.48
Matched TTPs:
  • T1499.003 - Application Exhaustion Flood
  • T1177 - LSASS Driver
  • T1175 - Component Object Model and Distributed COM
  • T1049 - System Network Connections Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
MITREへのリンク →

HEXANE

Score: 30.59
Matched TTPs:
  • T1499.003 - Application Exhaustion Flood
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1055.014 - VDSO Hijacking
  • T1547.002 - Authentication Package
  • T1065 - Uncommonly Used Port
MITREへのリンク →

Chimera

Score: 25.71
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1504 - PowerShell Profile
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
  • T1055.012 - Process Hollowing
  • T1592.003 - Firmware
  • T1166 - Setuid and Setgid
  • T1059.003 - Windows Command Shell
MITREへのリンク →

LazyScripter

Score: 12.04
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
MITREへのリンク →

Cobalt Group

Score: 11.91
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1543.003 - Windows Service
  • T1518.002 - Backup Software Discovery
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

OilRig

Score: 40.25
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1543.003 - Windows Service
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1055.012 - Process Hollowing
  • T1218.010 - Regsvr32
  • T1592.002 - Software
  • T1166 - Setuid and Setgid
  • T1556.009 - Conditional Access Policies
  • T1547.008 - LSASS Driver
MITREへのリンク →

APT39

Score: 9.31
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1543.003 - Windows Service
  • T1219.001 - IDE Tunneling
  • T1157 - Dylib Hijacking
  • T1547.002 - Authentication Package
MITREへのリンク →

Tropic Trooper

Score: 8.74
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.010 - Regsvr32
MITREへのリンク →

APT18

Score: 5.47
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1219.001 - IDE Tunneling
  • T1157 - Dylib Hijacking
MITREへのリンク →

FIN7

Score: 36.42
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1588.001 - Malware
  • T1218.012 - Verclsid
  • T1584.005 - Botnet
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1547.002 - Authentication Package
  • T1065 - Uncommonly Used Port
MITREへのリンク →

Scattered Spider

Score: 48.76
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1566.002 - Spearphishing Link
  • T1098.007 - Additional Local or Domain Groups
  • T1583.001 - Domains
  • T1547.005 - Security Support Provider
  • T1019 - System Firmware
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1051 - Shared Webroot
  • T1218.005 - Mshta
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1030 - Data Transfer Size Limits
  • T1197 - BITS Jobs
  • T1564.003 - Hidden Window
MITREへのリンク →

Storm-0501

Score: 15.34
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1504 - PowerShell Profile
  • T1588.001 - Malware
  • T1218.005 - Mshta
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

FIN6

Score: 13.56
Matched TTPs:
  • T1063 - Security Software Discovery
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1547.008 - LSASS Driver
MITREへのリンク →

Turla

Score: 38.27
Matched TTPs:
  • T1063 - Security Software Discovery
  • T1543.003 - Windows Service
  • T1176 - Software Extensions
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1039 - Data from Network Shared Drive
  • T1055.012 - Process Hollowing
  • T1547.002 - Authentication Package
  • T1556.009 - Conditional Access Policies
  • T1546.016 - Installer Packages
MITREへのリンク →

MuddyWater

Score: 22.65
Matched TTPs:
  • T1543.003 - Windows Service
  • T1518.002 - Backup Software Discovery
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
MITREへのリンク →

Confucius

Score: 8.59
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
MITREへのリンク →

Sidewinder

Score: 14.13
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32
MITREへのリンク →

Transparent Tribe

Score: 10.78
Matched TTPs:
  • T1543.003 - Windows Service
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
  • T1053.002 - At
MITREへのリンク →

FIN8

Score: 10.24
Matched TTPs:
  • T1543.003 - Windows Service
  • T1504 - PowerShell Profile
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

APT32

Score: 30.42
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

APT3

Score: 15.54
Matched TTPs:
  • T1543.003 - Windows Service
  • T1590.006 - Network Security Appliances
  • T1177 - LSASS Driver
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1218.010 - Regsvr32
  • T1166 - Setuid and Setgid
MITREへのリンク →

APT1

Score: 11.74
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1055.004 - Asynchronous Procedure Call
  • T1053.002 - At
MITREへのリンク →

APT33

Score: 12.02
Matched TTPs:
  • T1543.003 - Windows Service
  • T1583.005 - Botnet
  • T1051 - Shared Webroot
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

Windshift

Score: 3.97
Matched TTPs:
  • T1543.003 - Windows Service
  • T1547.008 - LSASS Driver
MITREへのリンク →

TA2541

Score: 11.09
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
MITREへのリンク →

Earth Lusca

Score: 24.22
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1045 - Software Packing
  • T1504 - PowerShell Profile
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1546.016 - Installer Packages
MITREへのリンク →

RedCurl

Score: 5.27
Matched TTPs:
  • T1543.003 - Windows Service
  • T1219.001 - IDE Tunneling
  • T1051 - Shared Webroot
MITREへのリンク →

Storm-1811

Score: 22.87
Matched TTPs:
  • T1543.003 - Windows Service
  • T1098.007 - Additional Local or Domain Groups
  • T1504 - PowerShell Profile
  • T1027 - Obfuscated Files or Information
  • T1486 - Data Encrypted for Impact
  • T1567.003 - Exfiltration to Text Storage Sites
  • T1030 - Data Transfer Size Limits
  • T1547.008 - LSASS Driver
MITREへのリンク →

TA577

Score: 4.11
Matched TTPs:
  • T1543.003 - Windows Service
  • T1024 - Custom Cryptographic Protocol
MITREへのリンク →

Patchwork

Score: 9.98
Matched TTPs:
  • T1543.003 - Windows Service
  • T1566.002 - Spearphishing Link
  • T1219.001 - IDE Tunneling
  • T1218.010 - Regsvr32
  • T1008 - Fallback Channels
MITREへのリンク →

TA505

Score: 13.89
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1166 - Setuid and Setgid
MITREへのリンク →

APT42

Score: 18.38
Matched TTPs:
  • T1543.003 - Windows Service
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1583.001 - Domains
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1175 - Component Object Model and Distributed COM
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Moonstone Sleet

Score: 26.34
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1134.002 - Create Process with Token
  • T1590.006 - Network Security Appliances
  • T1175 - Component Object Model and Distributed COM
  • T1057 - Process Discovery
  • T1027 - Obfuscated Files or Information
  • T1197 - BITS Jobs
  • T1547.008 - LSASS Driver
MITREへのリンク →

CURIUM

Score: 17.96
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1183 - Image File Execution Options Injection
  • T1175 - Component Object Model and Distributed COM
  • T1218.001 - Compiled HTML File
  • T1547.008 - LSASS Driver
MITREへのリンク →

Velvet Ant

Score: 10.21
Matched TTPs:
  • T1583.005 - Botnet
  • T1009 - Binary Padding
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources
MITREへのリンク →

Salt Typhoon

Score: 9.22
Matched TTPs:
  • T1583.005 - Botnet
  • T1553.002 - Code Signing
  • T1009 - Binary Padding
MITREへのリンク →

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet
MITREへのリンク →

LAPSUS$

Score: 42.55
Matched TTPs:
  • T1024 - Custom Cryptographic Protocol
  • T1547.005 - Security Support Provider
  • T1134.002 - Create Process with Token
  • T1019 - System Firmware
  • T1193 - Spearphishing Attachment
  • T1045 - Software Packing
  • T1175 - Component Object Model and Distributed COM
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1592.003 - Firmware
  • T1137.004 - Outlook Home Page
  • T1030 - Data Transfer Size Limits
  • T1065 - Uncommonly Used Port
  • T1564.003 - Hidden Window
MITREへのリンク →

IndigoZebra

Score: 6.20
Matched TTPs:
  • T1024 - Custom Cryptographic Protocol
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
MITREへのリンク →

TeamTNT

Score: 18.79
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1519 - Emond
MITREへのリンク →

Gamaredon Group

Score: 29.80
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1045 - Software Packing
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1606.001 - Web Cookies
  • T1554 - Compromise Host Software Binary
  • T1055.014 - VDSO Hijacking
  • T1597 - Search Closed Sources
  • T1547.002 - Authentication Package
MITREへのリンク →

SideCopy

Score: 12.69
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1590.006 - Network Security Appliances
  • T1218.012 - Verclsid
  • T1657 - Financial Theft
  • T1053.002 - At
MITREへのリンク →

BlackByte

Score: 25.02
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1009 - Binary Padding
  • T1590.006 - Network Security Appliances
  • T1504 - PowerShell Profile
  • T1175 - Component Object Model and Distributed COM
  • T1606.001 - Web Cookies
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information
  • T1166 - Setuid and Setgid
MITREへのリンク →

BITTER

Score: 9.18
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1098.007 - Additional Local or Domain Groups
  • T1588.001 - Malware
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

Saint Bear

Score: 12.83
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1134.002 - Create Process with Token
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Akira

Score: 13.03
Matched TTPs:
  • T1137.005 - Outlook Rules
  • T1504 - PowerShell Profile
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

APT38

Score: 21.53
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1493 - Transmitted Data Manipulation
  • T1216 - System Script Proxy Execution
MITREへのリンク →

Winter Vivern

Score: 11.06
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1175 - Component Object Model and Distributed COM
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1218.001 - Compiled HTML File
MITREへのリンク →

MoustachedBouncer

Score: 8.97
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking
  • T1045 - Software Packing
  • T1039 - Data from Network Shared Drive
MITREへのリンク →

Higaisa

Score: 9.60
Matched TTPs:
  • T1569.003 - Systemctl
  • T1590.006 - Network Security Appliances
  • T1588.001 - Malware
  • T1218.010 - Regsvr32
MITREへのリンク →

Carbanak

Score: 8.26
Matched TTPs:
  • T1009 - Binary Padding
  • T1588.001 - Malware
  • T1157 - Dylib Hijacking
  • T1547.002 - Authentication Package
MITREへのリンク →

Rocke

Score: 7.42
Matched TTPs:
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1008 - Fallback Channels
MITREへのリンク →

Moses Staff

Score: 3.81
Matched TTPs:
  • T1009 - Binary Padding
  • T1590.006 - Network Security Appliances
MITREへのリンク →

ToddyCat

Score: 10.18
Matched TTPs:
  • T1009 - Binary Padding
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1166 - Setuid and Setgid
  • T1547.008 - LSASS Driver
MITREへのリンク →

Medusa Group

Score: 18.59
Matched TTPs:
  • T1009 - Binary Padding
  • T1183 - Image File Execution Options Injection
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1216 - System Script Proxy Execution
MITREへのリンク →

Leafminer

Score: 8.36
Matched TTPs:
  • T1101 - Security Support Provider
  • T1219.001 - IDE Tunneling
  • T1051 - Shared Webroot
MITREへのリンク →

Play

Score: 8.28
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1166 - Setuid and Setgid
MITREへのリンク →

admin@338

Score: 6.00
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.010 - Regsvr32
MITREへのリンク →

Lotus Blossom

Score: 7.43
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1504 - PowerShell Profile
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
MITREへのリンク →

Stealth Falcon

Score: 5.09
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1556.009 - Conditional Access Policies
MITREへのリンク →

Naikon

Score: 5.85
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1588.001 - Malware
  • T1166 - Setuid and Setgid
MITREへのリンク →

Darkhotel

Score: 4.26
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1219.001 - IDE Tunneling
  • T1218.010 - Regsvr32
MITREへのリンク →

Deep Panda

Score: 3.29
Matched TTPs:
  • T1177 - LSASS Driver
MITREへのリンク →

Fox Kitten

Score: 16.41
Matched TTPs:
  • T1177 - LSASS Driver
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1588.001 - Malware
  • T1051 - Shared Webroot
  • T1157 - Dylib Hijacking
  • T1656 - Impersonation
MITREへのリンク →

Cinnamon Tempest

Score: 6.05
Matched TTPs:
  • T1045 - Software Packing
  • T1157 - Dylib Hijacking
  • T1166 - Setuid and Setgid
MITREへのリンク →

Windigo

Score: 3.64
Matched TTPs:
  • T1045 - Software Packing
  • T1219.001 - IDE Tunneling
MITREへのリンク →

POLONIUM

Score: 8.18
Matched TTPs:
  • T1045 - Software Packing
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking
  • T1547.002 - Authentication Package
MITREへのリンク →

Equation

Score: 4.54
Matched TTPs:
  • T1589.003 - Employee Names
MITREへのリンク →

Inception

Score: 5.13
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1218.010 - Regsvr32
MITREへのリンク →

Dark Caracal

Score: 3.82
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1547.008 - LSASS Driver
MITREへのリンク →

BRONZE BUTLER

Score: 7.88
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1008 - Fallback Channels
MITREへのリンク →

Aquatic Panda

Score: 6.18
Matched TTPs:
  • T1588.001 - Malware
  • T1597 - Search Closed Sources
  • T1166 - Setuid and Setgid
MITREへのリンク →

BackdoorDiplomacy

Score: 3.83
Matched TTPs:
  • T1588.001 - Malware
  • T1055.004 - Asynchronous Procedure Call
MITREへのリンク →

INC Ransom

Score: 10.58
Matched TTPs:
  • T1055.004 - Asynchronous Procedure Call
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
MITREへのリンク →

APT17

Score: 5.45
Matched TTPs:
  • T1608.005 - Link Target
  • T1656 - Impersonation
MITREへのリンク →

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

AppleJeus

Score: 3.29
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

Tonto Team

Score: 3.59
Matched TTPs:
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
MITREへのリンク →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1531 - Account Access Removal
MITREへのリンク →

APT37

Score: 7.51
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
  • T1216 - System Script Proxy Execution
MITREへのリンク →

APT12

Score: 3.89
Matched TTPs:
  • T1547.002 - Authentication Package
  • T1218.010 - Regsvr32
MITREへのリンク →

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1002 - Data Compressed
MITREへのリンク →

RTM

Score: 3.29
Matched TTPs:
  • T1008 - Fallback Channels
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1114 - Email Collection
  • T1608.005 - Link Target
  • T1218.012 - Verclsid
  • T1583.005 - Botnet
  • T1152 - Launchctl
  • T1037 - Boot or Logon Initialization Scripts
  • T1656 - Impersonation
  • T1008 - Fallback Channels
  • T1546.008 - Accessibility Features
  • T1053.002 - At
  • T1030 - Data Transfer Size Limits
  • T1197 - BITS Jobs
  • T1134.002 - Create Process with Token
  • T1102.003 - One-Way Communication
  • T1098.007 - Additional Local or Domain Groups
  • T1033 - System Owner/User Discovery
  • T1219.001 - IDE Tunneling
  • T1566.002 - Spearphishing Link
  • T1041 - Exfiltration Over C2 Channel
  • T1051 - Shared Webroot
  • T1009 - Binary Padding
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1057 - Process Discovery
  • T1055.014 - VDSO Hijacking
  • T1543.003 - Windows Service
  • T1590.006 - Network Security Appliances
  • T1547.002 - Authentication Package
  • T1588.001 - Malware
  • T1183 - Image File Execution Options Injection
  • T1024 - Custom Cryptographic Protocol
  • T1597 - Search Closed Sources
  • T1091 - Replication Through Removable Media
MITREへのリンク →

Sandworm Team

Score: 0.60
Matched TTPs:
  • T1114 - Email Collection
  • T1045 - Software Packing
  • T1193 - Spearphishing Attachment
  • T1546.016 - Installer Packages
  • T1075 - Pass the Hash
  • T1583.005 - Botnet
  • T1111 - Multi-Factor Authentication Interception
  • T1166 - Setuid and Setgid
  • T1063 - Security Software Discovery
  • T1546.008 - Accessibility Features
  • T1218.010 - Regsvr32
  • T1134.002 - Create Process with Token
  • T1102.003 - One-Way Communication
  • T1098.007 - Additional Local or Domain Groups
  • T1033 - System Owner/User Discovery
  • T1484.002 - Trust Modification
  • T1219.001 - IDE Tunneling
  • T1566.002 - Spearphishing Link
  • T1049 - System Network Connections Discovery
  • T1187 - Forced Authentication
  • T1027 - Obfuscated Files or Information
  • T1157 - Dylib Hijacking
  • T1543.003 - Windows Service
  • T1547.002 - Authentication Package
  • T1183 - Image File Execution Options Injection
  • T1055.004 - Asynchronous Procedure Call
  • T1091 - Replication Through Removable Media
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る