Trusted Design

Using SSL Certificates and Graph Theory to Uncover Threat Actors

Summary

Researchers at Infoblox have developed an advanced technique leveraging graph theory and SSL certificates to uncover threat actor operational relationships. The approach analyzes Certificate Transparency logs, using the Subject Alternative Name field in certificates to identify domains under common control. By modeling domains as nodes and certificate relationships as edges, the system reveals comprehensive threat infrastructures. This method enables discovery of new malicious domains, consolidation of threat actor identities, and early detection of emerging threats. The system processes millions of certificates daily, providing actionable intelligence on threat actor operations across various types of cybercriminal activities.

Created: 2026-03-05

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

Mustang Panda

Score: 27.07
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1586.002 - Email Accounts
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel

Kimsuky

Score: 52.46
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1562.004 - Disable or Modify System Firewall
  • T1596 - Search Open Technical Databases
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1591 - Gather Victim Org Information
  • T1071.002 - File Transfer Protocols
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1111 - Multi-Factor Authentication Interception
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver

Sea Turtle

Score: 11.98
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583.002 - DNS Server
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server

Daggerfly

Score: 3.80
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1082 - System Information Discovery

GALLIUM

Score: 8.07
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1505.003 - Web Shell
  • T1049 - System Network Connections Discovery
  • T1041 - Exfiltration Over C2 Channel

APT29

Score: 31.76
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1218.005 - Mshta
  • T1090.004 - Domain Fronting
  • T1027.006 - HTML Smuggling
  • T1566.003 - Spearphishing via Service

FIN13

Score: 15.72
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery

Dragonfly

Score: 21.32
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1591.002 - Business Relationships
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1071.002 - File Transfer Protocols

Ke3chang

Score: 14.75
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1041 - Exfiltration Over C2 Channel

Agrius

Score: 8.13
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1505.003 - Web Shell
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools

APT41

Score: 48.12
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1555 - Credentials from Password Stores
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery
  • T1071.002 - File Transfer Protocols
  • T1599 - Network Boundary Bridging
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1596.005 - Scan Databases
  • T1480.001 - Environmental Keying
  • T1102.001 - Dead Drop Resolver

APT5

Score: 11.24
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery

menuPass

Score: 8.79
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1106 - Native API
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery

Threat Group-3390

Score: 6.97
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1505.003 - Web Shell
  • T1049 - System Network Connections Discovery

Wizard Spider

Score: 15.08
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1518.002 - Backup Software Discovery
  • T1036.004 - Masquerade Task or Service
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools

Ember Bear

Score: 16.94
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
  • T1588.005 - Exploits

Axiom

Score: 9.65
Matched TTPs:
  • T1583.002 - DNS Server
  • T1546.008 - Accessibility Features
  • T1583.003 - Virtual Private Server

HEXANE

Score: 18.67
Matched TTPs:
  • T1583.002 - DNS Server
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1555 - Credentials from Password Stores
  • T1589 - Gather Victim Identity Information
  • T1049 - System Network Connections Discovery
  • T1534 - Internal Spearphishing

Moonstone Sleet

Score: 17.31
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1583.003 - Virtual Private Server
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 10.08
Matched TTPs:
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

Lazarus Group

Score: 29.47
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1591 - Gather Victim Org Information
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service
  • T1529 - System Shutdown/Reboot

Contagious Interview

Score: 22.82
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service

OilRig

Score: 22.41
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1555 - Credentials from Password Stores
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1049 - System Network Connections Discovery
  • T1137.004 - Outlook Home Page
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 17.61
Matched TTPs:
  • T1587.001 - Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1562.001 - Disable or Modify Tools
  • T1587.004 - Exploits

LuminousMoth

Score: 9.21
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1041 - Exfiltration Over C2 Channel

Sandworm Team

Score: 28.76
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1505.003 - Web Shell
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1486 - Data Encrypted for Impact
  • T1499 - Endpoint Denial of Service

Salt Typhoon

Score: 8.97
Matched TTPs:
  • T1587.001 - Malware
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall

Play

Score: 6.40
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools

Aoqin Dragon

Score: 3.39
Matched TTPs:
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery

RedCurl

Score: 8.00
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1102 - Web Service

Moses Staff

Score: 7.41
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell

Turla

Score: 19.42
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1584.003 - Virtual Private Server
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools

TeamTNT

Score: 17.13
Matched TTPs:
  • T1587.001 - Malware
  • T1082 - System Information Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks

FIN7

Score: 20.42
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1036.004 - Masquerade Task or Service
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1591 - Gather Victim Org Information
  • T1486 - Data Encrypted for Impact

Scattered Spider

Score: 32.59
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1070.008 - Clear Mailbox Data
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories

Storm-0501

Score: 9.77
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1082 - System Information Discovery
  • T1036.004 - Masquerade Task or Service
  • T1486 - Data Encrypted for Impact

Sidewinder

Score: 8.18
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta

Silent Librarian

Score: 6.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target

ZIRCONIUM

Score: 7.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1036.004 - Masquerade Task or Service
  • T1041 - Exfiltration Over C2 Channel

APT32

Score: 21.20
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel

Magic Hound

Score: 27.50
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

APT28

Score: 23.54
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1596 - Search Open Technical Databases
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1591 - Gather Victim Org Information
  • T1498 - Network Denial of Service

Star Blizzard

Score: 8.93
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information

CURIUM

Score: 13.32
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1041 - Exfiltration Over C2 Channel
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 9.12
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1102.001 - Dead Drop Resolver

Tropic Trooper

Score: 9.17
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery

FIN6

Score: 12.48
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555 - Credentials from Password Stores
  • T1036.004 - Masquerade Task or Service
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service

admin@338

Score: 5.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery

Windshift

Score: 4.60
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 7.26
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1102.001 - Dead Drop Resolver

MuddyWater

Score: 13.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools

Gamaredon Group

Score: 22.79
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools

Darkhotel

Score: 3.38
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery

Inception

Score: 8.24
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1102 - Web Service
  • T1218.005 - Mshta

EXOTIC LILY

Score: 5.92
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1566.003 - Spearphishing via Service

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

APT33

Score: 3.54
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555 - Credentials from Password Stores

TA551

Score: 3.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta

RTM

Score: 4.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.001 - Dead Drop Resolver

Winter Vivern

Score: 9.97
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1041 - Exfiltration Over C2 Channel

Higaisa

Score: 8.44
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1036.004 - Masquerade Task or Service
  • T1041 - Exfiltration Over C2 Channel

Confucius

Score: 6.49
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel

BlackTech

Score: 3.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1106 - Native API

Gorgon Group

Score: 4.96
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1106 - Native API
  • T1562.001 - Disable or Modify Tools

Leviathan

Score: 14.75
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1505.003 - Web Shell
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1587.004 - Exploits

Malteiro

Score: 4.75
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1555 - Credentials from Password Stores

SideCopy

Score: 6.71
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1218.005 - Mshta

FIN8

Score: 6.94
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1102 - Web Service
  • T1486 - Data Encrypted for Impact

LazyScripter

Score: 5.74
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1218.005 - Mshta

TA2541

Score: 6.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools

TA505

Score: 7.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1106 - Native API
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

APT37

Score: 7.99
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1529 - System Shutdown/Reboot

Silence

Score: 3.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1106 - Native API

IndigoZebra

Score: 3.54
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts

APT38

Score: 26.15
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1565.002 - Transmitted Data Manipulation
  • T1529 - System Shutdown/Reboot

APT39

Score: 8.58
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555 - Credentials from Password Stores
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel

HAFNIUM

Score: 13.28
Matched TTPs:
  • T1583.005 - Botnet
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1083 - File and Directory Discovery
  • T1590 - Gather Victim Network Information

Windigo

Score: 4.85
Matched TTPs:
  • T1082 - System Information Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery

BlackByte

Score: 13.95
Matched TTPs:
  • T1082 - System Information Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1583.003 - Virtual Private Server
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

Blue Mockingbird

Score: 3.55
Matched TTPs:
  • T1082 - System Information Discovery
  • T1090 - Proxy

Rocke

Score: 11.15
Matched TTPs:
  • T1082 - System Information Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1102 - Web Service
  • T1562.001 - Disable or Modify Tools
  • T1102.001 - Dead Drop Resolver

APT3

Score: 9.50
Matched TTPs:
  • T1082 - System Information Discovery
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1041 - Exfiltration Over C2 Channel

APT42

Score: 14.01
Matched TTPs:
  • T1082 - System Information Discovery
  • T1070.008 - Clear Mailbox Data
  • T1583.003 - Virtual Private Server
  • T1102 - Web Service
  • T1111 - Multi-Factor Authentication Interception

Aquatic Panda

Score: 5.10
Matched TTPs:
  • T1082 - System Information Discovery
  • T1036.004 - Masquerade Task or Service
  • T1562.001 - Disable or Modify Tools

Medusa Group

Score: 16.66
Matched TTPs:
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1562.004 - Disable or Modify System Firewall
  • T1505.003 - Web Shell
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1529 - System Shutdown/Reboot

Stealth Falcon

Score: 5.84
Matched TTPs:
  • T1082 - System Information Discovery
  • T1555 - Credentials from Password Stores
  • T1041 - Exfiltration Over C2 Channel

Chimera

Score: 15.45
Matched TTPs:
  • T1106 - Native API
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1556.001 - Domain Controller Authentication
  • T1111 - Multi-Factor Authentication Interception

ToddyCat

Score: 10.18
Matched TTPs:
  • T1106 - Native API
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1566.003 - Spearphishing via Service

Volt Typhoon

Score: 31.97
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1555 - Credentials from Password Stores
  • T1589 - Gather Victim Identity Information
  • T1505.003 - Web Shell
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1587.004 - Exploits
  • T1596.005 - Scan Databases

LAPSUS$

Score: 25.90
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1583.003 - Virtual Private Server
  • T1213.003 - Code Repositories
  • T1111 - Multi-Factor Authentication Interception

Akira

Score: 8.68
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

Leafminer

Score: 3.97
Matched TTPs:
  • T1555 - Credentials from Password Stores
  • T1083 - File and Directory Discovery

Carbanak

Score: 4.44
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1036.004 - Masquerade Task or Service

Velvet Ant

Score: 7.17
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools

BackdoorDiplomacy

Score: 5.60
Matched TTPs:
  • T1505.003 - Web Shell
  • T1036.004 - Masquerade Task or Service
  • T1049 - System Network Connections Discovery

Deep Panda

Score: 5.05
Matched TTPs:
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features

Volatile Cedar

Score: 5.90
Matched TTPs:
  • T1505.003 - Web Shell
  • T1595.003 - Wordlist Scanning

Fox Kitten

Score: 13.31
Matched TTPs:
  • T1505.003 - Web Shell
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1036.004 - Masquerade Task or Service
  • T1102 - Web Service

Earth Lusca

Score: 6.42
Matched TTPs:
  • T1090 - Proxy
  • T1049 - System Network Connections Discovery
  • T1218.005 - Mshta

Dark Caracal

Score: 3.82
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1566.003 - Spearphishing via Service

Lotus Blossom

Score: 3.03
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1049 - System Network Connections Discovery

INC Ransom

Score: 5.87
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1071.002 - File Transfer Protocols

Storm-1811

Score: 4.86
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Equation

Score: 4.13
Matched TTPs:
  • T1480.001 - Environmental Keying

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1587.001 - Malware
  • T1036.004 - Masquerade Task or Service
  • T1041 - Exfiltration Over C2 Channel
  • T1218.005 - Mshta
  • T1596 - Search Open Technical Databases
  • T1562.004 - Disable or Modify System Firewall
  • T1082 - System Information Discovery
  • T1586.002 - Email Accounts
  • T1071.002 - File Transfer Protocols
  • T1598.003 - Spearphishing Link
  • T1505.003 - Web Shell
  • T1566.001 - Spearphishing Attachment
  • T1591 - Gather Victim Org Information
  • T1102.001 - Dead Drop Resolver
  • T1562.001 - Disable or Modify Tools
  • T1588.005 - Exploits
  • T1557 - Adversary-in-the-Middle
  • T1534 - Internal Spearphishing
  • T1083 - File and Directory Discovery
  • T1111 - Multi-Factor Authentication Interception

APT41

Score: 0.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.001 - Dead Drop Resolver
  • T1486 - Data Encrypted for Impact
  • T1003.002 - Security Account Manager
  • T1595.003 - Wordlist Scanning
  • T1555 - Credentials from Password Stores
  • T1090 - Proxy
  • T1082 - System Information Discovery
  • T1083 - File and Directory Discovery
  • T1599 - Network Boundary Bridging
  • T1213.003 - Code Repositories
  • T1036.004 - Masquerade Task or Service
  • T1546.008 - Accessibility Features
  • T1049 - System Network Connections Discovery
  • T1596.005 - Scan Databases
  • T1071.002 - File Transfer Protocols
  • T1480.001 - Environmental Keying

Related CVEs

No CVEs were found for this Pulse.
