Dust Specter APT Targets Government Officials in Iraq
Summary
A suspected Iran-nexus threat actor, dubbed Dust Specter, targeted Iraqi government officials in January 2026. The campaign involved impersonating Iraq's Ministry of Foreign Affairs and using compromised government infrastructure to host malicious payloads. Two attack chains were identified, utilizing previously undocumented malware including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. The malware employed creative evasion techniques, leveraged generative AI for development, and used file-based polling mechanisms for command execution. The campaign also incorporated ClickFix-style attacks and social engineering lures. Attribution to an Iran-nexus group is based on code similarities, victimology, and overlapping tactics with known Iranian APT groups.
Created: 2026-03-04
Indicators
Similar Pulses
No similar Pulses were found.
Threat actors related to this Pulse (fact-based)
Score: 35.87
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1010 - Application Window Discovery
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 3.84
Matched TTPs:
- T1027.009 - Embedded Payloads
Score: 26.77
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1591 - Gather Victim Org Information
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1566.003 - Spearphishing via Service
Score: 33.70
Matched TTPs:
- T1564.012 - File/Path Exclusions
- T1587.001 - Malware
- T1213.006 - Databases
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1584.006 - Web Services
- T1518.001 - Security Software Discovery
Score: 57.12
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1585.002 - Email Accounts
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1204.005 - Malicious Library
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1585 - Establish Accounts
- T1543.001 - Launch Agent
- T1204.004 - Malicious Copy and Paste
- T1566.003 - Spearphishing via Service
Score: 39.01
Matched TTPs:
- T1491.002 - External Defacement
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1195 - Supply Chain Compromise
- T1036 - Masquerading
- T1505.003 - Web Shell
- T1588.001 - Malware
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1585 - Establish Accounts
- T1595.001 - Scanning IP Blocks
- T1046 - Network Service Discovery
- T1588.005 - Exploits
Score: 59.38
Matched TTPs:
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1213.006 - Databases
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1036 - Masquerading
- T1505.003 - Web Shell
- T1583.004 - Server
- T1585.002 - Email Accounts
- T1591.002 - Business Relationships
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1592.002 - Software
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1499 - Endpoint Denial of Service
Score: 53.07
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1016 - System Network Configuration Discovery
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1071.002 - File Transfer Protocols
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1599 - Network Boundary Bridging
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1595.003 - Wordlist Scanning
- T1213.003 - Code Repositories
- T1046 - Network Service Discovery
- T1596.005 - Scan Databases
- T1480.001 - Environmental Keying
Score: 11.41
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1036 - Masquerading
- T1218.005 - Mshta
- T1218.010 - Regsvr32
Score: 5.52
Matched TTPs:
- T1003.002 - Security Account Manager
- T1195.002 - Compromise Software Supply Chain
Score: 13.36
Matched TTPs:
- T1003.002 - Security Account Manager
- T1505.003 - Web Shell
- T1583.004 - Server
- T1016 - System Network Configuration Discovery
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 27.85
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1218.005 - Mshta
- T1021.007 - Cloud Services
- T1583.006 - Web Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 21.04
Matched TTPs:
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1046 - Network Service Discovery
Score: 27.37
Matched TTPs:
- T1003.002 - Security Account Manager
- T1598.003 - Spearphishing Link
- T1505.003 - Web Shell
- T1591.002 - Business Relationships
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1598.002 - Spearphishing Attachment
- T1071.002 - File Transfer Protocols
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
Score: 19.86
Matched TTPs:
- T1003.002 - Security Account Manager
- T1071.004 - DNS
- T1587.001 - Malware
- T1583.005 - Botnet
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 13.65
Matched TTPs:
- T1003.002 - Security Account Manager
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1505.003 - Web Shell
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1046 - Network Service Discovery
Score: 9.50
Matched TTPs:
- T1003.002 - Security Account Manager
- T1583.005 - Botnet
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
Score: 13.15
Matched TTPs:
- T1003.002 - Security Account Manager
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
Score: 21.96
Matched TTPs:
- T1003.002 - Security Account Manager
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1608.002 - Upload Tool
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
Score: 18.83
Matched TTPs:
- T1003.002 - Security Account Manager
- T1518.002 - Backup Software Discovery
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1518.001 - Security Software Discovery
Score: 16.62
Matched TTPs:
- T1583.002 - DNS Server
- T1213.006 - Databases
- T1505.003 - Web Shell
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1027.004 - Compile After Delivery
Score: 10.05
Matched TTPs:
- T1583.002 - DNS Server
- T1546.008 - Accessibility Features
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
Score: 19.94
Matched TTPs:
- T1583.002 - DNS Server
- T1608.001 - Upload Malware
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
- T1518 - Software Discovery
Score: 19.69
Matched TTPs:
- T1071.004 - DNS
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1556.001 - Domain Controller Authentication
- T1111 - Multi-Factor Authentication Interception
- T1046 - Network Service Discovery
Score: 13.72
Matched TTPs:
- T1071.004 - DNS
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
Score: 18.56
Matched TTPs:
- T1071.004 - DNS
- T1218.003 - CMSTP
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 32.77
Matched TTPs:
- T1071.004 - DNS
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1036 - Masquerading
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1137.004 - Outlook Home Page
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 13.39
Matched TTPs:
- T1071.004 - DNS
- T1140 - Deobfuscate/Decode Files or Information
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
Score: 20.37
Matched TTPs:
- T1071.004 - DNS
- T1140 - Deobfuscate/Decode Files or Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
Score: 5.47
Matched TTPs:
- T1071.004 - DNS
- T1083 - File and Directory Discovery
- T1078 - Valid Accounts
Score: 31.54
Matched TTPs:
- T1071.004 - DNS
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1608.005 - Link Target
- T1583.006 - Web Services
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
Score: 64.11
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1505.003 - Web Shell
- T1583.004 - Server
- T1585.002 - Email Accounts
- T1593.002 - Search Engines
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1591 - Gather Victim Org Information
- T1071.002 - File Transfer Protocols
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1218.010 - Regsvr32
- T1518.001 - Security Software Discovery
- T1585 - Establish Accounts
- T1111 - Multi-Factor Authentication Interception
- T1588.005 - Exploits
Score: 12.47
Matched TTPs:
- T1587.001 - Malware
- T1585.002 - Email Accounts
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
Score: 18.83
Matched TTPs:
- T1587.001 - Malware
- T1070.007 - Clear Network Connection History and Configurations
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
Score: 14.49
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1608.005 - Link Target
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
Score: 7.48
Matched TTPs:
- T1587.001 - Malware
- T1602.002 - Network Device Configuration Dump
- T1588.002 - Tool
Score: 10.83
Matched TTPs:
- T1587.001 - Malware
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1518.001 - Security Software Discovery
Score: 7.92
Matched TTPs:
- T1587.001 - Malware
- T1036 - Masquerading
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
Score: 11.12
Matched TTPs:
- T1587.001 - Malware
- T1080 - Taint Shared Content
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1046 - Network Service Discovery
Score: 6.18
Matched TTPs:
- T1587.001 - Malware
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
Score: 39.76
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1505.003 - Web Shell
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1608 - Stage Capabilities
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
- T1518 - Software Discovery
Score: 22.71
Matched TTPs:
- T1587.001 - Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1595.001 - Scanning IP Blocks
- T1046 - Network Service Discovery
Score: 15.30
Matched TTPs:
- T1080 - Taint Shared Content
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1497.002 - User Activity Based Checks
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
Score: 33.50
Matched TTPs:
- T1080 - Taint Shared Content
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1001 - Data Obfuscation
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
Score: 15.38
Matched TTPs:
- T1080 - Taint Shared Content
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 9.62
Matched TTPs:
- T1080 - Taint Shared Content
- T1140 - Deobfuscate/Decode Files or Information
- T1090 - Proxy
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 47.79
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1070.008 - Clear Mailbox Data
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1021.007 - Cloud Services
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1213.003 - Code Repositories
- T1213.005 - Messaging Applications
Score: 14.96
Matched TTPs:
- T1484.002 - Trust Modification
- T1021.007 - Cloud Services
- T1486 - Data Encrypted for Impact
- T1218.010 - Regsvr32
- T1518.001 - Security Software Discovery
Score: 11.98
Matched TTPs:
- T1213.006 - Databases
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 17.33
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
Score: 10.86
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1585.002 - Email Accounts
- T1608.005 - Link Target
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 11.67
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
Score: 27.26
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
Score: 33.30
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1573 - Encrypted Channel
- T1592.002 - Software
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
Score: 27.01
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1557.004 - Evil Twin
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1211 - Exploitation for Defense Evasion
Score: 18.83
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1585.002 - Email Accounts
- T1598.002 - Spearphishing Attachment
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 17.91
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1505.003 - Web Shell
- T1583.004 - Server
- T1585.002 - Email Accounts
- T1041 - Exfiltration Over C2 Channel
- T1584.006 - Web Services
- T1566.003 - Spearphishing via Service
Score: 8.00
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
Score: 18.77
Matched TTPs:
- T1583.005 - Botnet
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1593.003 - Code Repositories
- T1592.004 - Client Configurations
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
Score: 40.97
Matched TTPs:
- T1070.007 - Clear Network Connection History and Configurations
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1596.005 - Scan Databases
Score: 5.16
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1588.002 - Tool
- T1218.010 - Regsvr32
Score: 4.21
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
Score: 18.40
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1505.003 - Web Shell
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1565.002 - Transmitted Data Manipulation
Score: 21.92
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1583.004 - Server
- T1016 - System Network Configuration Discovery
- T1090 - Proxy
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1588.002 - Tool
- T1584.006 - Web Services
Score: 9.47
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1588.002 - Tool
- T1486 - Data Encrypted for Impact
- T1566.003 - Spearphishing via Service
Score: 29.72
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1218.003 - CMSTP
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
Score: 13.51
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
Score: 10.65
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1083 - File and Directory Discovery
- T1041 - Exfiltration Over C2 Channel
- T1584.006 - Web Services
Score: 17.98
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1041 - Exfiltration Over C2 Channel
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 13.26
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1505.003 - Web Shell
- T1585.002 - Email Accounts
- T1041 - Exfiltration Over C2 Channel
- T1078 - Valid Accounts
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
Score: 10.65
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1562.001 - Disable or Modify Tools
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 3.47
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1518.001 - Security Software Discovery
Score: 6.63
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
- T1218.010 - Regsvr32
Score: 6.50
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1016 - System Network Configuration Discovery
- T1041 - Exfiltration Over C2 Channel
- T1203 - Exploitation for Client Execution
Score: 13.33
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
Score: 5.26
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.004 - Server
Score: 14.05
Matched TTPs:
- T1608.001 - Upload Malware
- T1016 - System Network Configuration Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
Score: 7.94
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
Score: 7.28
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
Score: 8.28
Matched TTPs:
- T1608.001 - Upload Malware
- T1585.002 - Email Accounts
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 16.23
Matched TTPs:
- T1608.001 - Upload Malware
- T1070.008 - Clear Mailbox Data
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1588.002 - Tool
- T1518.001 - Security Software Discovery
- T1111 - Multi-Factor Authentication Interception
Score: 10.10
Matched TTPs:
- T1558 - Steal or Forge Kerberos Tickets
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
Score: 9.35
Matched TTPs:
- T1036 - Masquerading
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1566.003 - Spearphishing via Service
Score: 23.04
Matched TTPs:
- T1608.002 - Upload Tool
- T1505.003 - Web Shell
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 33.13
Matched TTPs:
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1588.001 - Malware
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1213.003 - Code Repositories
- T1111 - Multi-Factor Authentication Interception
- T1213.005 - Messaging Applications
Score: 6.84
Matched TTPs:
- T1505.003 - Web Shell
- T1588.001 - Malware
- T1588.002 - Tool
- T1046 - Network Service Discovery
Score: 7.80
Matched TTPs:
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1218.010 - Regsvr32
Score: 5.90
Matched TTPs:
- T1505.003 - Web Shell
- T1595.003 - Wordlist Scanning
Score: 21.69
Matched TTPs:
- T1505.003 - Web Shell
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1078 - Valid Accounts
- T1585 - Establish Accounts
- T1046 - Network Service Discovery
- T1213.005 - Messaging Applications
Score: 3.26
Matched TTPs:
- T1505.003 - Web Shell
- T1203 - Exploitation for Client Execution
Score: 7.06
Matched TTPs:
- T1585.002 - Email Accounts
- T1016 - System Network Configuration Discovery
- T1588.001 - Malware
- T1588.002 - Tool
Score: 4.26
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1203 - Exploitation for Client Execution
Score: 5.38
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1046 - Network Service Discovery
Score: 12.04
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1041 - Exfiltration Over C2 Channel
- T1203 - Exploitation for Client Execution
Score: 3.44
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1041 - Exfiltration Over C2 Channel
Score: 5.13
Matched TTPs:
- T1016 - System Network Configuration Discovery
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
Score: 3.19
Matched TTPs:
- T1090 - Proxy
- T1588.002 - Tool
Score: 5.94
Matched TTPs:
- T1090 - Proxy
- T1588.002 - Tool
- T1218.010 - Regsvr32
Score: 6.39
Matched TTPs:
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1518 - Software Discovery
Score: 6.63
Matched TTPs:
- T1090 - Proxy
- T1583.006 - Web Services
- T1588.002 - Tool
- T1078 - Valid Accounts
Score: 3.31
Matched TTPs:
- T1588.001 - Malware
- T1588.002 - Tool
Score: 7.00
Matched TTPs:
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
Score: 7.80
Matched TTPs:
- T1588.001 - Malware
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
Score: 11.47
Matched TTPs:
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 7.23
Matched TTPs:
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1211 - Exploitation for Defense Evasion
Score: 3.82
Matched TTPs:
- T1083 - File and Directory Discovery
- T1566.003 - Spearphishing via Service
Score: 5.72
Matched TTPs:
- T1083 - File and Directory Discovery
- T1518.001 - Security Software Discovery
- T1566.003 - Spearphishing via Service
Score: 9.12
Matched TTPs:
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1041 - Exfiltration Over C2 Channel
- T1203 - Exploitation for Client Execution
Score: 6.44
Matched TTPs:
- T1083 - File and Directory Discovery
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1046 - Network Service Discovery
Score: 6.29
Matched TTPs:
- T1552.001 - Credentials In Files
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
Score: 5.45
Matched TTPs:
- T1583.006 - Web Services
- T1585 - Establish Accounts
Score: 3.62
Matched TTPs:
- T1071.002 - File Transfer Protocols
Score: 4.11
Matched TTPs:
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
Score: 6.51
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
Score: 8.18
Matched TTPs:
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1046 - Network Service Discovery
Score: 3.19
Matched TTPs:
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
Score: 3.39
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
Score: 4.13
Matched TTPs:
- T1480.001 - Environmental Keying
Threat actors associated with this Pulse (inference-based)
Score: 0.70
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1585.002 - Email Accounts
- T1518.001 - Security Software Discovery
- T1562.001 - Disable or Modify Tools
- T1218.005 - Mshta
- T1140 - Deobfuscate/Decode Files or Information
- T1111 - Multi-Factor Authentication Interception
- T1218.010 - Regsvr32
- T1583.004 - Server
- T1593 - Search Open Websites/Domains
- T1598.003 - Spearphishing Link
- T1071.002 - File Transfer Protocols
- T1505.003 - Web Shell
- T1016 - System Network Configuration Discovery
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1083 - File and Directory Discovery
- T1587.001 - Malware
- T1552.001 - Credentials In Files
- T1588.005 - Exploits
- T1585 - Establish Accounts
- T1041 - Exfiltration Over C2 Channel
- T1027.012 - LNK Icon Smuggling
- T1593.002 - Search Engines
Score: 0.65
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1608.001 - Upload Malware
- T1588.002 - Tool
- T1585.002 - Email Accounts
- T1078 - Valid Accounts
- T1036 - Masquerading
- T1195.002 - Compromise Software Supply Chain
- T1140 - Deobfuscate/Decode Files or Information
- T1486 - Data Encrypted for Impact
- T1591.002 - Business Relationships
- T1583.004 - Server
- T1213.006 - Databases
- T1203 - Exploitation for Client Execution
- T1593 - Search Open Websites/Domains
- T1598.003 - Spearphishing Link
- T1505.003 - Web Shell
- T1592.002 - Software
- T1083 - File and Directory Discovery
- T1587.001 - Malware
- T1090 - Proxy
- T1499 - Endpoint Denial of Service
- T1041 - Exfiltration Over C2 Channel
- T1491.002 - External Defacement
Score: 0.62
Matched TTPs:
- T1608.001 - Upload Malware
- T1204.005 - Malicious Library
- T1588.002 - Tool
- T1585.002 - Email Accounts
- T1562.001 - Disable or Modify Tools
- T1593.003 - Code Repositories
- T1036 - Masquerading
- T1566.003 - Spearphishing via Service
- T1588.007 - Artificial Intelligence
- T1543.001 - Launch Agent
- T1593 - Search Open Websites/Domains
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1583.006 - Web Services
- T1083 - File and Directory Discovery
- T1587.001 - Malware
- T1090 - Proxy
- T1204.004 - Malicious Copy and Paste
- T1585 - Establish Accounts
- T1041 - Exfiltration Over C2 Channel
Score: 0.58
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1213.003 - Code Repositories
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1546.008 - Accessibility Features
- T1595.003 - Wordlist Scanning
- T1195.002 - Compromise Software Supply Chain
- T1486 - Data Encrypted for Impact
- T1480.001 - Environmental Keying
- T1203 - Exploitation for Client Execution
- T1071.002 - File Transfer Protocols
- T1596.005 - Scan Databases
- T1016 - System Network Configuration Discovery
- T1083 - File and Directory Discovery
- T1090 - Proxy
- T1599 - Network Boundary Bridging
- T1046 - Network Service Discovery
- T1003.002 - Security Account Manager
- T1071.004 - DNS
Related CVEs
No CVEs were found for this Pulse.