Trusted Design

SloppyLemming Deploys BurrowShell and Rust-Based RAT to Target Pakistan and Bangladesh

概要

An extensive cyber espionage campaign conducted by SloppyLemming, an India-nexus threat actor, targeted government entities and critical infrastructure in Pakistan and Bangladesh from January 2025 to January 2026. The campaign used two attack vectors: PDF lures with ClickOnce execution chains and macro-enabled Excel documents. It deployed a custom x64 shellcode implant named BurrowShell and a Rust-based keylogger. The attackers extensively abused Cloudflare Workers for C2 and payload delivery, registering 112 domains impersonating government entities. The campaign focused on nuclear, defense, telecommunications, energy, and financial sectors, aligning with regional strategic competition in South Asia.

Created: 2026-03-04

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 31.98
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Kimsuky

Score: 61.42
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1593.002 - Search Engines
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1071.002 - File Transfer Protocols
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1585 - Establish Accounts
  • T1111 - Multi-Factor Authentication Interception
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
MITREへのリンク →

Sea Turtle

Score: 18.31
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Contagious Interview

Score: 42.96
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1585 - Establish Accounts
  • T1204.004 - Malicious Copy and Paste
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Ember Bear

Score: 26.09
Matched TTPs:
  • T1491.002 - External Defacement
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1585 - Establish Accounts
  • T1588.005 - Exploits
MITREへのリンク →

Sandworm Team

Score: 36.67
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1204.001 - Malicious Link
MITREへのリンク →

Volt Typhoon

Score: 34.16
Matched TTPs:
  • T1584.008 - Network Devices
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1591.004 - Identify Roles
  • T1596.005 - Scan Databases
MITREへのリンク →

APT28

Score: 26.23
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

ZIRCONIUM

Score: 11.55
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Leviathan

Score: 17.42
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Daggerfly

Score: 3.95
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1204.001 - Malicious Link
MITREへのリンク →

GALLIUM

Score: 8.10
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

APT29

Score: 29.72
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
  • T1218.005 - Mshta
  • T1021.007 - Cloud Services
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

FIN13

Score: 15.10
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
MITREへのリンク →

Dragonfly

Score: 26.96
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1591.002 - Business Relationships
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1071.002 - File Transfer Protocols
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Ke3chang

Score: 16.32
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Agrius

Score: 10.15
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

APT41

Score: 40.19
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1071.002 - File Transfer Protocols
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1596.005 - Scan Databases
MITREへのリンク →

APT5

Score: 10.97
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
MITREへのリンク →

menuPass

Score: 7.63
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Threat Group-3390

Score: 11.57
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Wizard Spider

Score: 14.66
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Axiom

Score: 11.52
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

HEXANE

Score: 22.03
Matched TTPs:
  • T1583.002 - DNS Server
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1591.004 - Identify Roles
MITREへのリンク →

Chimera

Score: 9.94
Matched TTPs:
  • T1071.004 - DNS
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1111 - Multi-Factor Authentication Interception
MITREへのリンク →

LazyScripter

Score: 10.43
Matched TTPs:
  • T1071.004 - DNS
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Cobalt Group

Score: 10.58
Matched TTPs:
  • T1071.004 - DNS
  • T1218.003 - CMSTP
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

OilRig

Score: 21.42
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1505.003 - Web Shell
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT39

Score: 13.44
Matched TTPs:
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Tropic Trooper

Score: 7.30
Matched TTPs:
  • T1071.004 - DNS
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT18

Score: 5.47
Matched TTPs:
  • T1071.004 - DNS
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
MITREへのリンク →

FIN7

Score: 31.46
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1591.004 - Identify Roles
  • T1204.001 - Malicious Link
MITREへのリンク →

Moonstone Sleet

Score: 14.68
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Indrik Spider

Score: 7.66
Matched TTPs:
  • T1587.001 - Malware
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Lazarus Group

Score: 21.22
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 15.81
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LuminousMoth

Score: 11.42
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 8.95
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1588.002 - Tool
MITREへのリンク →

Play

Score: 8.94
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
MITREへのリンク →

Aoqin Dragon

Score: 5.74
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RedCurl

Score: 4.75
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1204.001 - Malicious Link
MITREへのリンク →

Moses Staff

Score: 6.18
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1588.002 - Tool
MITREへのリンク →

Turla

Score: 22.03
Matched TTPs:
  • T1587.001 - Malware
  • T1584.003 - Virtual Private Server
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

TeamTNT

Score: 15.14
Matched TTPs:
  • T1587.001 - Malware
  • T1071 - Application Layer Protocol
  • T1608.001 - Upload Malware
  • T1610 - Deploy Container
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Scattered Spider

Score: 40.47
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1021.007 - Cloud Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1556.006 - Multi-Factor Authentication
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories
  • T1538 - Cloud Service Dashboard
MITREへのリンク →

Storm-0501

Score: 16.41
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1036.004 - Masquerade Task or Service
  • T1021.007 - Cloud Services
  • T1110 - Brute Force
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Sidewinder

Score: 12.57
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Silent Librarian

Score: 8.58
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

APT32

Score: 20.58
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Magic Hound

Score: 35.88
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1071 - Application Layer Protocol
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1591.001 - Determine Physical Locations
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Star Blizzard

Score: 19.21
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

CURIUM

Score: 10.37
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1505.003 - Web Shell
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Patchwork

Score: 7.46
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

HAFNIUM

Score: 14.93
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1592.004 - Client Configurations
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
MITREへのリンク →

Rocke

Score: 10.33
Matched TTPs:
  • T1071 - Application Layer Protocol
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

INC Ransom

Score: 11.32
Matched TTPs:
  • T1071 - Application Layer Protocol
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Velvet Ant

Score: 6.54
Matched TTPs:
  • T1071 - Application Layer Protocol
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

LAPSUS$

Score: 29.27
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1591.004 - Identify Roles
  • T1213.003 - Code Repositories
  • T1111 - Multi-Factor Authentication Interception
MITREへのリンク →

IndigoZebra

Score: 5.53
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1583.006 - Web Services
  • T1588.002 - Tool
MITREへのリンク →

TA577

Score: 4.03
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

TA2541

Score: 10.33
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
MITREへのリンク →

Earth Lusca

Score: 15.97
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Mustard Tempest

Score: 3.33
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1204.001 - Malicious Link
MITREへのリンク →

Gamaredon Group

Score: 21.22
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link
MITREへのリンク →

SideCopy

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

TA505

Score: 8.32
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

BlackByte

Score: 10.77
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

BITTER

Score: 6.41
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Saint Bear

Score: 8.64
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

EXOTIC LILY

Score: 11.19
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT42

Score: 6.44
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1111 - Multi-Factor Authentication Interception
MITREへのリンク →

BackdoorDiplomacy

Score: 6.18
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
MITREへのリンク →

BlackTech

Score: 5.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Medusa Group

Score: 12.96
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Fox Kitten

Score: 19.64
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1110 - Brute Force
  • T1078 - Valid Accounts
  • T1585 - Establish Accounts
MITREへのリンク →

Cinnamon Tempest

Score: 6.08
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

ToddyCat

Score: 5.29
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Blue Mockingbird

Score: 4.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Winter Vivern

Score: 9.85
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Volatile Cedar

Score: 7.37
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1505.003 - Web Shell
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

MuddyWater

Score: 20.38
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link
MITREへのリンク →

Akira

Score: 10.10
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Deep Panda

Score: 5.05
Matched TTPs:
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
MITREへのリンク →

Tonto Team

Score: 3.26
Matched TTPs:
  • T1505.003 - Web Shell
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT38

Score: 18.81
Matched TTPs:
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1565.002 - Transmitted Data Manipulation
  • T1204.001 - Malicious Link
MITREへのリンク →

APT3

Score: 7.44
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

CopyKittens

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Windigo

Score: 3.64
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
MITREへのリンク →

POLONIUM

Score: 6.63
Matched TTPs:
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

Inception

Score: 5.98
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Dark Caracal

Score: 3.82
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Confucius

Score: 8.51
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

BRONZE BUTLER

Score: 5.44
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Aquatic Panda

Score: 4.74
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Carbanak

Score: 4.37
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1078 - Valid Accounts
MITREへのリンク →

FIN6

Score: 8.69
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Higaisa

Score: 3.59
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT17

Score: 5.45
Matched TTPs:
  • T1583.006 - Web Services
  • T1585 - Establish Accounts
MITREへのリンク →

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1071.002 - File Transfer Protocols
MITREへのリンク →

DarkVishnya

Score: 3.37
Matched TTPs:
  • T1588.002 - Tool
  • T1110 - Brute Force
MITREへのリンク →

Storm-1811

Score: 5.71
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

FIN8

Score: 5.97
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN5

Score: 4.80
Matched TTPs:
  • T1588.002 - Tool
  • T1110 - Brute Force
  • T1078 - Valid Accounts
MITREへのリンク →

APT33

Score: 5.13
Matched TTPs:
  • T1588.002 - Tool
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Windshift

Score: 3.88
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1218.005 - Mshta
  • T1587.001 - Malware
  • T1586.002 - Email Accounts
  • T1593 - Search Open Websites/Domains
  • T1111 - Multi-Factor Authentication Interception
  • T1083 - File and Directory Discovery
  • T1583.006 - Web Services
  • T1557 - Adversary-in-the-Middle
  • T1071.002 - File Transfer Protocols
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1593.002 - Search Engines
  • T1036.004 - Masquerade Task or Service
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1505.003 - Web Shell
  • T1598.003 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1190 - Exploit Public-Facing Application
  • T1585 - Establish Accounts
  • T1588.005 - Exploits
  • T1591 - Gather Victim Org Information
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る