Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains - Part 1
Summary
This intelligence report details the evolution of malware delivery techniques targeting integrated development environments (IDEs) like Visual Studio Code and Cursor. The threat actors, known as Contagious Interview, have expanded their payload staging methods to include GitHub Gists, URL shorteners, Google Drive, and custom domains. New infection chains involve complex loaders, including a custom stack-based bytecode VM and PyArmor-protected Python malware. The report highlights the actors' adaptability in response to takedowns and community reporting, showcasing their use of various obfuscation techniques and masquerading tactics. Detection opportunities and indicators of compromise are provided, including suspicious process behaviors, file paths, and network requests.
Created: 2026-02-27
Indicators
Similar Pulses
No similar Pulses were found.
Threat actors related to this Pulse (fact-based)
Score: 84.21
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1218 - System Binary Proxy Execution
- T1620 - Reflective Code Loading
- T1547.009 - Shortcut Modification
- T1010 - Application Window Discovery
- T1562.004 - Disable or Modify System Firewall
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1574.013 - KernelCallbackTable
- T1562.001 - Disable or Modify Tools
- T1036.003 - Rename Legitimate Utilities
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
- T1566.003 - Spearphishing via Service
- T1090.001 - Internal Proxy
Score: 5.29
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1566.002 - Spearphishing Link
Score: 30.04
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 58.89
Matched TTPs:
- T1564.012 - File/Path Exclusions
- T1587.001 - Malware
- T1213.006 - Databases
- T1566.002 - Spearphishing Link
- T1007 - System Service Discovery
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1055 - Process Injection
- T1112 - Modify Registry
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1059.006 - Python
- T1027.010 - Command Obfuscation
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1090.001 - Internal Proxy
Score: 61.87
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1204.005 - Malicious Library
- T1083 - File and Directory Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1059.006 - Python
- T1543.001 - Launch Agent
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1204.004 - Malicious Copy and Paste
- T1566.003 - Spearphishing via Service
Score: 18.45
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1059.005 - Visual Basic
- T1518 - Software Discovery
Score: 13.46
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1083 - File and Directory Discovery
- T1218.001 - Compiled HTML File
- T1189 - Drive-by Compromise
- T1027.002 - Software Packing
- T1566.003 - Spearphishing via Service
Score: 10.79
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
- T1027.002 - Software Packing
- T1105 - Ingress Tool Transfer
Score: 29.90
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1080 - Taint Shared Content
- T1497.001 - System Checks
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1057 - Process Discovery
- T1497.002 - User Activity Based Checks
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 9.36
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
Score: 53.85
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1110 - Brute Force
- T1039 - Data from Network Shared Drive
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
- T1137.002 - Office Test
- T1001.001 - Junk Data
- T1211 - Exploitation for Defense Evasion
Score: 8.90
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1083 - File and Directory Discovery
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
- T1053.002 - At
Score: 44.14
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1547.009 - Shortcut Modification
- T1595.002 - Vulnerability Scanning
- T1027.001 - Binary Padding
- T1505.003 - Web Shell
- T1059.001 - PowerShell
- T1534 - Internal Spearphishing
- T1218.010 - Regsvr32
- T1587.004 - Exploits
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1027.015 - Compression
Score: 32.87
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Score: 47.30
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1059.010 - AutoHotKey & AutoIT
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1547.009 - Shortcut Modification
- T1505.003 - Web Shell
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1110 - Brute Force
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1059.006 - Python
- T1546.010 - AppInit DLLs
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1090.001 - Internal Proxy
Score: 23.92
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1589.002 - Email Addresses
- T1059 - Command and Scripting Interpreter
- T1497 - Virtualization/Sandbox Evasion
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1027.002 - Software Packing
Score: 12.55
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1552.001 - Credentials In Files
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 17.38
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1095 - Non-Application Layer Protocol
- T1105 - Ingress Tool Transfer
Score: 36.81
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1553.005 - Mark-of-the-Web Bypass
- T1552.001 - Credentials In Files
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1027.010 - Command Obfuscation
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 21.56
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1027.001 - Binary Padding
- T1016 - System Network Configuration Discovery
- T1057 - Process Discovery
- T1203 - Exploitation for Client Execution
- T1059.005 - Visual Basic
- T1090.001 - Internal Proxy
- T1027.015 - Compression
Score: 20.22
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1112 - Modify Registry
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1027.010 - Command Obfuscation
- T1189 - Drive-by Compromise
Score: 36.21
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1110 - Brute Force
- T1039 - Data from Network Shared Drive
- T1012 - Query Registry
- T1027.010 - Command Obfuscation
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Score: 47.58
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1053.002 - At
- T1027.015 - Compression
Score: 28.68
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1055 - Process Injection
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1027.015 - Compression
Score: 14.27
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1657 - Financial Theft
- T1614.001 - System Language Discovery
- T1518.001 - Security Software Discovery
- T1059.005 - Visual Basic
Score: 65.48
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1590.005 - IP Addresses
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1562 - Impair Defenses
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1573 - Encrypted Channel
- T1592.002 - Software
- T1102.002 - Bidirectional Communication
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 16.61
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1486 - Data Encrypted for Impact
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 16.17
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1090 - Proxy
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1574.012 - COR_PROFILER
Score: 29.33
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Score: 7.85
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1027.015 - Compression
Score: 8.08
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1574.001 - DLL
- T1059 - Command and Scripting Interpreter
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 30.21
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1039 - Data from Network Shared Drive
- T1036.003 - Rename Legitimate Utilities
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 12.36
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 40.88
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1595.001 - Scanning IP Blocks
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 9.73
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1588.001 - Malware
- T1588.002 - Tool
- T1095 - Non-Application Layer Protocol
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 3.39
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1562.001 - Disable or Modify Tools
Score: 57.90
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1497.001 - System Checks
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1552.001 - Credentials In Files
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.001 - Compiled HTML File
- T1110 - Brute Force
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 57.83
Matched TTPs:
- T1027.013 - Encrypted/Encoded File
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1055 - Process Injection
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1027.016 - Junk Code Insertion
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1036.003 - Rename Legitimate Utilities
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 20.40
Matched TTPs:
- T1590.005 - IP Addresses
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1588.001 - Malware
- T1057 - Process Discovery
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 35.99
Matched TTPs:
- T1590.005 - IP Addresses
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1593.003 - Code Repositories
- T1592.004 - Client Configurations
- T1083 - File and Directory Discovery
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1095 - Non-Application Layer Protocol
- T1105 - Ingress Tool Transfer
Score: 16.12
Matched TTPs:
- T1003.002 - Security Account Manager
- T1574.001 - DLL
- T1059.001 - PowerShell
- T1195.002 - Compromise Software Supply Chain
- T1036.003 - Rename Legitimate Utilities
- T1012 - Query Registry
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 22.37
Matched TTPs:
- T1003.002 - Security Account Manager
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1583.004 - Server
- T1016 - System Network Configuration Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1036.003 - Rename Legitimate Utilities
- T1027.002 - Software Packing
- T1105 - Ingress Tool Transfer
Score: 56.90
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1027.001 - Binary Padding
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1553.005 - Mark-of-the-Web Bypass
- T1218.005 - Mshta
- T1021.007 - Cloud Services
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1090.004 - Domain Fronting
- T1059.006 - Python
- T1027.006 - HTML Smuggling
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 32.68
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1657 - Financial Theft
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1090.001 - Internal Proxy
Score: 52.75
Matched TTPs:
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1591.002 - Business Relationships
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1598.002 - Spearphishing Attachment
- T1059.001 - PowerShell
- T1071.002 - File Transfer Protocols
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1110 - Brute Force
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1059.006 - Python
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 28.25
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1583.005 - Botnet
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1614.001 - System Language Discovery
- T1105 - Ingress Tool Transfer
Score: 15.67
Matched TTPs:
- T1003.002 - Security Account Manager
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1505.003 - Web Shell
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1046 - Network Service Discovery
Score: 70.53
Matched TTPs:
- T1003.002 - Security Account Manager
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1055 - Process Injection
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1574.006 - Dynamic Linker Hijacking
- T1016 - System Network Configuration Discovery
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1071.002 - File Transfer Protocols
- T1588.002 - Tool
- T1218.001 - Compiled HTML File
- T1110 - Brute Force
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1595.003 - Wordlist Scanning
- T1012 - Query Registry
- T1213.003 - Code Repositories
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
- T1480.001 - Environmental Keying
Score: 24.19
Matched TTPs:
- T1003.002 - Security Account Manager
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1055 - Process Injection
- T1505.003 - Web Shell
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1654 - Log Enumeration
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1070.004 - File Deletion
Score: 31.73
Matched TTPs:
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1055 - Process Injection
- T1518.002 - Backup Software Discovery
- T1112 - Modify Registry
- T1016 - System Network Configuration Discovery
- T1074 - Data Staged
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 48.14
Matched TTPs:
- T1003.002 - Security Account Manager
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1588.001 - Malware
- T1552.001 - Credentials In Files
- T1654 - Log Enumeration
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1095 - Non-Application Layer Protocol
- T1070.004 - File Deletion
- T1595.001 - Scanning IP Blocks
- T1046 - Network Service Discovery
- T1588.005 - Exploits
Score: 16.67
Matched TTPs:
- T1583.002 - DNS Server
- T1213.006 - Databases
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1027.004 - Compile After Delivery
Score: 20.02
Matched TTPs:
- T1583.002 - DNS Server
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1584.005 - Botnet
- T1553 - Subvert Trust Controls
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
Score: 39.49
Matched TTPs:
- T1583.002 - DNS Server
- T1204.002 - Malicious File
- T1608.001 - Upload Malware
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1110 - Brute Force
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Score: 93.23
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1055 - Process Injection
- T1620 - Reflective Code Loading
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1027.001 - Binary Padding
- T1505.003 - Web Shell
- T1583.004 - Server
- T1027.016 - Junk Code Insertion
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1657 - Financial Theft
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1071.002 - File Transfer Protocols
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1218.010 - Regsvr32
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1059.006 - Python
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1588.005 - Exploits
Score: 17.71
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1007 - System Service Discovery
- T1112 - Modify Registry
- T1552.001 - Credentials In Files
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1012 - Query Registry
- T1105 - Ingress Tool Transfer
Score: 34.18
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1587.004 - Exploits
- T1203 - Exploitation for Client Execution
- T1095 - Non-Application Layer Protocol
- T1059.006 - Python
- T1059.012 - Hypervisor CLI
- T1070.004 - File Deletion
Score: 18.31
Matched TTPs:
- T1587.001 - Malware
- T1566.002 - Spearphishing Link
- T1574.001 - DLL
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1608.005 - Link Target
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 73.10
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1213.006 - Databases
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1505.003 - Web Shell
- T1583.004 - Server
- T1589.002 - Email Addresses
- T1591.002 - Business Relationships
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1584.005 - Botnet
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1592.002 - Software
- T1195.002 - Compromise Software Supply Chain
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1499 - Endpoint Denial of Service
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 11.29
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1562.004 - Disable or Modify System Firewall
- T1588.002 - Tool
Score: 19.74
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 10.77
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1036 - Masquerading
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1027.002 - Software Packing
Score: 25.48
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1080 - Taint Shared Content
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1059.001 - PowerShell
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1059.006 - Python
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
Score: 83.02
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1505.003 - Web Shell
- T1176.002 - IDE Extensions
- T1027.016 - Junk Code Insertion
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1219.001 - IDE Tunneling
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1608 - Stage Capabilities
- T1654 - Log Enumeration
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1678 - Delay Execution
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1203 - Exploitation for Client Execution
- T1095 - Non-Application Layer Protocol
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1622 - Debugger Evasion
- T1105 - Ingress Tool Transfer
- T1027.007 - Dynamic API Resolution
Score: 69.95
Matched TTPs:
- T1587.001 - Malware
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1546.011 - Application Shimming
- T1620 - Reflective Code Loading
- T1562.004 - Disable or Modify System Firewall
- T1674 - Input Injection
- T1027.016 - Junk Code Insertion
- T1059 - Command and Scripting Interpreter
- T1218.005 - Mshta
- T1608.005 - Link Target
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1497.002 - User Activity Based Checks
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 32.94
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1219 - Remote Access Tools
- T1055 - Process Injection
- T1218.003 - CMSTP
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 60.13
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1559.001 - Component Object Model
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1218.003 - CMSTP
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1059.006 - Python
- T1027.010 - Command Obfuscation
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Score: 26.22
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1055 - Process Injection
- T1059 - Command and Scripting Interpreter
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1059.006 - Python
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 7.50
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1059.001 - PowerShell
- T1027 - Obfuscated Files or Information
Score: 30.50
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1112 - Modify Registry
- T1027.001 - Binary Padding
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 5.55
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 11.90
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1059.006 - Python
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
Score: 9.81
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 5.16
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1189 - Drive-by Compromise
Score: 6.98
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 14.26
Matched TTPs:
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1505.003 - Web Shell
- T1583.004 - Server
- T1059.001 - PowerShell
- T1189 - Drive-by Compromise
- T1566.003 - Spearphishing via Service
Score: 3.31
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1059.001 - PowerShell
- T1588.002 - Tool
Score: 16.05
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1055 - Process Injection
- T1095 - Non-Application Layer Protocol
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
- T1056.004 - Credential API Hooking
Score: 17.13
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1589.002 - Email Addresses
- T1218.005 - Mshta
- T1218.010 - Regsvr32
- T1027.003 - Steganography
- T1027.010 - Command Obfuscation
- T1105 - Ingress Tool Transfer
Score: 19.39
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1112 - Modify Registry
- T1055.004 - Asynchronous Procedure Call
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 18.92
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1027.010 - Command Obfuscation
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 13.49
Matched TTPs:
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1588.002 - Tool
Score: 7.13
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 4.51
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1059.005 - Visual Basic
Score: 11.62
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1589.002 - Email Addresses
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 4.96
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 21.27
Matched TTPs:
- T1204.002 - Malicious File
- T1213.006 - Databases
- T1566.001 - Spearphishing Attachment
- T1059 - Command and Scripting Interpreter
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1095 - Non-Application Layer Protocol
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 5.36
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1059.001 - PowerShell
- T1203 - Exploitation for Client Execution
- T1059.005 - Visual Basic
Score: 5.43
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1059.001 - PowerShell
- T1105 - Ingress Tool Transfer
Score: 18.44
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1547.009 - Shortcut Modification
- T1112 - Modify Registry
- T1055.002 - Portable Executable Injection
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 46.58
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1583.004 - Server
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1027.003 - Steganography
- T1059.006 - Python
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
Score: 19.63
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1608.001 - Upload Malware
- T1016 - System Network Configuration Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1518.001 - Security Software Discovery
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
Score: 13.32
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1505.003 - Web Shell
- T1059.001 - PowerShell
- T1210 - Exploitation of Remote Services
- T1203 - Exploitation for Client Execution
- T1059.006 - Python
- T1105 - Ingress Tool Transfer
Score: 42.71
Matched TTPs:
- T1204.002 - Malicious File
- T1080 - Taint Shared Content
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1027.001 - Binary Padding
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1039 - Data from Network Shared Drive
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1059.006 - Python
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1053.002 - At
Score: 57.30
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1055 - Process Injection
- T1480.002 - Mutual Exclusion
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1553.005 - Mark-of-the-Web Bypass
- T1218.005 - Mshta
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.001 - Compiled HTML File
- T1110 - Brute Force
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1036.003 - Rename Legitimate Utilities
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1189 - Drive-by Compromise
- T1027.002 - Software Packing
- T1059.005 - Visual Basic
- T1036.006 - Space after Filename
- T1105 - Ingress Tool Transfer
Score: 8.53
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1016 - System Network Configuration Discovery
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 15.61
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1027.015 - Compression
Score: 8.45
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1203 - Exploitation for Client Execution
Score: 78.26
Matched TTPs:
- T1204.002 - Malicious File
- T1080 - Taint Shared Content
- T1497.001 - System Checks
- T1566.001 - Spearphishing Attachment
- T1559.001 - Component Object Model
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1055 - Process Injection
- T1620 - Reflective Code Loading
- T1112 - Modify Registry
- T1027.016 - Junk Code Insertion
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1102.002 - Bidirectional Communication
- T1095 - Non-Application Layer Protocol
- T1012 - Query Registry
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
- T1027.015 - Compression
Score: 8.49
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1027.002 - Software Packing
Score: 5.30
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1583.006 - Web Services
- T1588.002 - Tool
- T1105 - Ingress Tool Transfer
Score: 16.46
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1055 - Process Injection
- T1112 - Modify Registry
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1218.001 - Compiled HTML File
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 13.23
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1059.001 - PowerShell
- T1203 - Exploitation for Client Execution
- T1059.005 - Visual Basic
- T1105 - Ingress Tool Transfer
Score: 10.42
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
Score: 20.21
Matched TTPs:
- T1204.002 - Malicious File
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1518.001 - Security Software Discovery
- T1189 - Drive-by Compromise
- T1059.005 - Visual Basic
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1566.003 - Spearphishing via Service
Score: 17.84
Matched TTPs:
- T1080 - Taint Shared Content
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1090 - Proxy
- T1657 - Financial Theft
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1059.006 - Python
- T1105 - Ingress Tool Transfer
Score: 56.66
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1070.008 - Clear Mailbox Data
- T1589 - Gather Victim Identity Information
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1074 - Data Staged
- T1552.001 - Credentials In Files
- T1657 - Financial Theft
- T1021.007 - Cloud Services
- T1204 - User Execution
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1213.003 - Code Repositories
- T1538 - Cloud Service Dashboard
- T1105 - Ingress Tool Transfer
- T1213.005 - Messaging Applications
Score: 29.47
Matched TTPs:
- T1484.002 - Trust Modification
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1021.007 - Cloud Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1110 - Brute Force
- T1486 - Data Encrypted for Impact
- T1218.010 - Regsvr32
- T1614.001 - System Language Discovery
- T1518.001 - Security Software Discovery
- T1027.002 - Software Packing
Score: 8.78
Matched TTPs:
- T1497.001 - System Checks
- T1566.002 - Spearphishing Link
- T1574.001 - DLL
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 74.60
Matched TTPs:
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1218 - System Binary Proxy Execution
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1074 - Data Staged
- T1584.005 - Botnet
- T1654 - Log Enumeration
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1587.004 - Exploits
- T1012 - Query Registry
- T1591.004 - Identify Roles
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1105 - Ingress Tool Transfer
- T1596.005 - Scan Databases
- T1090.001 - Internal Proxy
Score: 9.25
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.001 - Upload Malware
- T1583.004 - Server
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 24.73
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1574.001 - DLL
- T1016 - System Network Configuration Discovery
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1027 - Obfuscated Files or Information
- T1203 - Exploitation for Client Execution
- T1095 - Non-Application Layer Protocol
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1105 - Ingress Tool Transfer
Score: 11.14
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1016 - System Network Configuration Discovery
- T1588.001 - Malware
- T1057 - Process Discovery
- T1588.002 - Tool
Score: 24.23
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1598.003 - Spearphishing Link
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1059.006 - Python
- T1027.002 - Software Packing
- T1105 - Ingress Tool Transfer
Score: 19.42
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.001 - Upload Malware
- T1070.008 - Clear Mailbox Data
- T1112 - Modify Registry
- T1016 - System Network Configuration Discovery
- T1070 - Indicator Removal
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1518.001 - Security Software Discovery
- T1059.005 - Visual Basic
Score: 9.68
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1589.002 - Email Addresses
- T1608.005 - Link Target
- T1588.002 - Tool
Score: 15.67
Matched TTPs:
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1059.001 - PowerShell
- T1189 - Drive-by Compromise
- T1105 - Ingress Tool Transfer
Score: 42.32
Matched TTPs:
- T1559.001 - Component Object Model
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1608.002 - Upload Tool
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 25.79
Matched TTPs:
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1039 - Data from Network Shared Drive
- T1012 - Query Registry
- T1556.001 - Domain Controller Authentication
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 16.69
Matched TTPs:
- T1574.001 - DLL
- T1055 - Process Injection
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1090.001 - Internal Proxy
- T1211 - Exploitation for Defense Evasion
Score: 27.79
Matched TTPs:
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1574.006 - Dynamic Linker Hijacking
- T1588.001 - Malware
- T1654 - Log Enumeration
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1070.004 - File Deletion
- T1105 - Ingress Tool Transfer
Score: 15.77
Matched TTPs:
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1505.003 - Web Shell
- T1588.001 - Malware
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1095 - Non-Application Layer Protocol
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 4.84
Matched TTPs:
- T1007 - System Service Discovery
- T1057 - Process Discovery
- T1059.001 - PowerShell
Score: 42.06
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1562 - Impair Defenses
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1055 - Process Injection
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1491.001 - Internal Defacement
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1614.001 - System Language Discovery
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 32.79
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1574.006 - Dynamic Linker Hijacking
- T1055.002 - Portable Executable Injection
- T1057 - Process Discovery
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1059.006 - Python
- T1070.004 - File Deletion
- T1027.002 - Software Packing
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 9.65
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1059.001 - PowerShell
- T1195.002 - Compromise Software Supply Chain
- T1027.010 - Command Obfuscation
Score: 14.52
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1095 - Non-Application Layer Protocol
- T1518.001 - Security Software Discovery
- T1566.003 - Spearphishing via Service
Score: 10.74
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1505.003 - Web Shell
- T1595.003 - Wordlist Scanning
- T1105 - Ingress Tool Transfer
Score: 19.12
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1074 - Data Staged
- T1657 - Financial Theft
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1070.004 - File Deletion
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
Score: 17.63
Matched TTPs:
- T1558 - Steal or Forge Kerberos Tickets
- T1219 - Remote Access Tools
- T1027.001 - Binary Padding
- T1657 - Financial Theft
- T1059.001 - PowerShell
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
Score: 8.53
Matched TTPs:
- T1219 - Remote Access Tools
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1110 - Brute Force
- T1046 - Network Service Discovery
Score: 8.18
Matched TTPs:
- T1219 - Remote Access Tools
- T1562.004 - Disable or Modify System Firewall
- T1588.002 - Tool
- T1102.002 - Bidirectional Communication
Score: 34.23
Matched TTPs:
- T1589 - Gather Victim Identity Information
- T1589.002 - Email Addresses
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1588.001 - Malware
- T1204 - User Execution
- T1588.002 - Tool
- T1591.004 - Identify Roles
- T1213.003 - Code Repositories
- T1213.005 - Messaging Applications
Score: 12.38
Matched TTPs:
- T1112 - Modify Registry
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1012 - Query Registry
- T1046 - Network Service Discovery
- T1090.001 - Internal Proxy
Score: 3.03
Matched TTPs:
- T1027.001 - Binary Padding
Score: 10.11
Matched TTPs:
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1218.010 - Regsvr32
Score: 8.36
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1059 - Command and Scripting Interpreter
- T1057 - Process Discovery
- T1059.001 - PowerShell
- T1012 - Query Registry
Score: 3.99
Matched TTPs:
- T1090 - Proxy
- T1059.001 - PowerShell
- T1588.002 - Tool
Score: 5.19
Matched TTPs:
- T1090 - Proxy
- T1059.001 - PowerShell
- T1027.002 - Software Packing
Score: 10.49
Matched TTPs:
- T1090 - Proxy
- T1059 - Command and Scripting Interpreter
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1518 - Software Discovery
Score: 7.60
Matched TTPs:
- T1090 - Proxy
- T1583.006 - Web Services
- T1588.002 - Tool
- T1102.002 - Bidirectional Communication
Score: 7.09
Matched TTPs:
- T1059 - Command and Scripting Interpreter
- T1588.002 - Tool
- T1110 - Brute Force
- T1070.004 - File Deletion
Score: 4.33
Matched TTPs:
- T1083 - File and Directory Discovery
- T1039 - Data from Network Shared Drive
Score: 3.59
Matched TTPs:
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1105 - Ingress Tool Transfer
Score: 10.07
Matched TTPs:
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1027.010 - Command Obfuscation
- T1189 - Drive-by Compromise
- T1046 - Network Service Discovery
Score: 4.86
Matched TTPs:
- T1657 - Financial Theft
- T1486 - Data Encrypted for Impact
Score: 6.14
Matched TTPs:
- T1657 - Financial Theft
- T1071.002 - File Transfer Protocols
Score: 3.03
Matched TTPs:
- T1059.001 - PowerShell
- T1588.002 - Tool
- T1070.004 - File Deletion
Score: 4.13
Matched TTPs:
- T1480.001 - Environmental Keying
Threat actors associated with this Pulse (inference-based)
Score: 0.70
Matched TTPs:
- T1562.001 - Disable or Modify Tools
- T1027.002 - Software Packing
- T1027.012 - LNK Icon Smuggling
- T1552.001 - Credentials In Files
- T1218.010 - Regsvr32
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1027 - Obfuscated Files or Information
- T1566.001 - Spearphishing Attachment
- T1562.004 - Disable or Modify System Firewall
- T1583.004 - Server
- T1057 - Process Discovery
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
- T1055 - Process Injection
- T1027.010 - Command Obfuscation
- T1588.005 - Exploits
- T1505.003 - Web Shell
- T1059.006 - Python
- T1102.002 - Bidirectional Communication
- T1070.004 - File Deletion
- T1588.002 - Tool
- T1027.016 - Junk Code Insertion
- T1620 - Reflective Code Loading
- T1190 - Exploit Public-Facing Application
- T1218.005 - Mshta
- T1059.005 - Visual Basic
- T1059.001 - PowerShell
- T1204.002 - Malicious File
- T1027.001 - Binary Padding
- T1105 - Ingress Tool Transfer
- T1589.002 - Email Addresses
- T1071.002 - File Transfer Protocols
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1566.002 - Spearphishing Link
- T1112 - Modify Registry
- T1534 - Internal Spearphishing
- T1007 - System Service Discovery
- T1012 - Query Registry
- T1083 - File and Directory Discovery
Score: 0.63
Matched TTPs:
- T1189 - Drive-by Compromise
- T1562.001 - Disable or Modify Tools
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1547.009 - Shortcut Modification
- T1218 - System Binary Proxy Execution
- T1027.007 - Dynamic API Resolution
- T1566.001 - Spearphishing Attachment
- T1562.004 - Disable or Modify System Firewall
- T1566.003 - Spearphishing via Service
- T1057 - Process Discovery
- T1070 - Indicator Removal
- T1027.009 - Embedded Payloads
- T1102.002 - Bidirectional Communication
- T1070.004 - File Deletion
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1620 - Reflective Code Loading
- T1218.005 - Mshta
- T1036.003 - Rename Legitimate Utilities
- T1059.005 - Visual Basic
- T1059.001 - PowerShell
- T1204.002 - Malicious File
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1010 - Application Window Discovery
- T1589.002 - Email Addresses
- T1574.001 - DLL
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1566.002 - Spearphishing Link
- T1491.001 - Internal Defacement
- T1027.013 - Encrypted/Encoded File
- T1574.013 - KernelCallbackTable
- T1090.001 - Internal Proxy
- T1012 - Query Registry
- T1083 - File and Directory Discovery
Score: 0.62
Matched TTPs:
- T1027.012 - LNK Icon Smuggling
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1622 - Debugger Evasion
- T1678 - Delay Execution
- T1654 - Log Enumeration
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1027 - Obfuscated Files or Information
- T1566.001 - Spearphishing Attachment
- T1027.007 - Dynamic API Resolution
- T1518 - Software Discovery
- T1608 - Stage Capabilities
- T1057 - Process Discovery
- T1070 - Indicator Removal
- T1505.003 - Web Shell
- T1095 - Non-Application Layer Protocol
- T1070.004 - File Deletion
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1027.016 - Junk Code Insertion
- T1218.005 - Mshta
- T1059.005 - Visual Basic
- T1059.001 - PowerShell
- T1204.002 - Malicious File
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1059 - Command and Scripting Interpreter
- T1574.001 - DLL
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1566.002 - Spearphishing Link
- T1176.002 - IDE Extensions
- T1219.001 - IDE Tunneling
- T1083 - File and Directory Discovery
Score: 0.59
Matched TTPs:
- T1562.001 - Disable or Modify Tools
- T1090 - Proxy
- T1027.012 - LNK Icon Smuggling
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1027.015 - Compression
- T1027 - Obfuscated Files or Information
- T1566.001 - Spearphishing Attachment
- T1057 - Process Discovery
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1055 - Process Injection
- T1027.010 - Command Obfuscation
- T1559.001 - Component Object Model
- T1095 - Non-Application Layer Protocol
- T1102.002 - Bidirectional Communication
- T1070.004 - File Deletion
- T1588.002 - Tool
- T1027.016 - Junk Code Insertion
- T1497.001 - System Checks
- T1620 - Reflective Code Loading
- T1218.005 - Mshta
- T1059.005 - Visual Basic
- T1059.001 - PowerShell
- T1204.002 - Malicious File
- T1105 - Ingress Tool Transfer
- T1080 - Taint Shared Content
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1112 - Modify Registry
- T1534 - Internal Spearphishing
- T1012 - Query Registry
- T1039 - Data from Network Shared Drive
- T1083 - File and Directory Discovery
Score: 0.56
Matched TTPs:
- T1027.002 - Software Packing
- T1090 - Proxy
- T1584.005 - Botnet
- T1654 - Log Enumeration
- T1140 - Deobfuscate/Decode Files or Information
- T1074 - Data Staged
- T1218 - System Binary Proxy Execution
- T1518 - Software Discovery
- T1057 - Process Discovery
- T1587.004 - Exploits
- T1591.004 - Identify Roles
- T1505.003 - Web Shell
- T1596.005 - Scan Databases
- T1070.004 - File Deletion
- T1588.002 - Tool
- T1584.003 - Virtual Private Server
- T1497.001 - System Checks
- T1190 - Exploit Public-Facing Application
- T1059.001 - PowerShell
- T1046 - Network Service Discovery
- T1105 - Ingress Tool Transfer
- T1010 - Application Window Discovery
- T1589.002 - Email Addresses
- T1016 - System Network Configuration Discovery
- T1112 - Modify Registry
- T1007 - System Service Discovery
- T1090.001 - Internal Proxy
- T1012 - Query Registry
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
Related CVEs
No CVEs were found for this Pulse.