Middle East Conflict Fuels Opportunistic Cyber Attacks
Summary
The ongoing conflict in the Middle East has triggered a surge in cybercriminal activity. Over 8,000 newly registered domains with conflict-related keywords have been identified, many of which may be weaponized in future campaigns. Multiple cases of malicious activity have been observed, including targeted attacks using conflict-themed lures, deployment of the LOTUSLITE backdoor, fake news blogs leading to StealC malware, phishing sites impersonating government portals, donation scams, fraudulent storefronts, and meme-coin pump-and-dump schemes. Threat actors are leveraging various techniques such as DLL sideloading, shellcode execution, and social engineering to compromise victims. The campaigns demonstrate the opportunistic nature of cybercriminals in exploiting geopolitical events for malicious purposes.
Created: 2026-03-09
Indicators
Similar Pulses
No similar Pulses were found.
Threat actors related to this Pulse (fact-based)
Score: 43.40
Matched TTPs:
- T1037 - Boot or Logon Initialization Scripts
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1089 - Disabling Security Tools
- T1024 - Custom Cryptographic Protocol
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1569.001 - Launchctl
- T1608.005 - Link Target
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 97.15
Matched TTPs:
- T1037 - Boot or Logon Initialization Scripts
- T1033 - System Owner/User Discovery
- T1114 - Email Collection
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1024 - Custom Cryptographic Protocol
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1152 - Launchctl
- T1555.003 - Credentials from Web Browsers
- T1557.003 - DHCP Spoofing
- T1183 - Image File Execution Options Injection
- T1683.001 - Written Content
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1552.003 - Shell History
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1041 - Exfiltration Over C2 Channel
- T1055.014 - VDSO Hijacking
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1562.013 - Disable or Modify Network Device Firewall
- T1597 - Search Closed Sources
- T1690 - Prevent Command History Logging
- T1547.002 - Authentication Package
- T1030 - Data Transfer Size Limits
- T1197 - BITS Jobs
- T1656 - Impersonation
- T1132.002 - Non-Standard Encoding
- T1027.018 - Invisible Unicode
- T1003.003 - NTDS
- T1008 - Fallback Channels
Score: 34.96
Matched TTPs:
- T1037 - Boot or Logon Initialization Scripts
- T1033 - System Owner/User Discovery
- T1499.003 - Application Exhaustion Flood
- T1063 - Security Software Discovery
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1175 - Component Object Model and Distributed COM
- T1199 - Trusted Relationship
- T1562.013 - Disable or Modify Network Device Firewall
- T1157 - Dylib Hijacking
- T1218.010 - Regsvr32
- T1137.004 - Outlook Home Page
- T1059.013 - Container CLI/API
Score: 41.96
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1564.008 - Email Hiding Rules
- T1584.008 - Network Devices
- T1005 - Data from Local System
- T1558 - Steal or Forge Kerberos Tickets
- T1555.003 - Credentials from Web Browsers
- T1136.002 - Domain Account
- T1175 - Component Object Model and Distributed COM
- T1597 - Search Closed Sources
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1656 - Impersonation
- T1519 - Emond
- T1209 - Time Providers
- T1003.003 - NTDS
Score: 19.43
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1606.002 - SAML Tokens
- T1574.008 - Path Interception by Search Order Hijacking
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1546.016 - Installer Packages
Score: 13.14
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1584.008 - Network Devices
- T1558 - Steal or Forge Kerberos Tickets
- T1555.003 - Credentials from Web Browsers
- T1597 - Search Closed Sources
- T1209 - Time Providers
Score: 61.65
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1044 - File System Permissions Weakness
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1547.005 - Security Support Provider
- T1021.006 - Windows Remote Management
- T1183 - Image File Execution Options Injection
- T1045 - Software Packing
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1552.003 - Shell History
- T1608.005 - Link Target
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1690 - Prevent Command History Logging
- T1030 - Data Transfer Size Limits
- T1656 - Impersonation
- T1221 - Template Injection
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 81.08
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1564.008 - Email Hiding Rules
- T1114 - Email Collection
- T1606.002 - SAML Tokens
- T1063 - Security Software Discovery
- T1484.002 - Trust Modification
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1091 - Replication Through Removable Media
- T1005 - Data from Local System
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1555.003 - Credentials from Web Browsers
- T1557.003 - DHCP Spoofing
- T1183 - Image File Execution Options Injection
- T1193 - Spearphishing Attachment
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1049 - System Network Connections Discovery
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1187 - Forced Authentication
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
- T1075 - Pass the Hash
- T1546.016 - Installer Packages
- T1111 - Multi-Factor Authentication Interception
- T1027.018 - Invisible Unicode
Score: 26.04
Matched TTPs:
- T1033 - System Owner/User Discovery
- T1566.002 - Spearphishing Link
- T1024 - Custom Cryptographic Protocol
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1657 - Financial Theft
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
Score: 53.13
Matched TTPs:
- T1148 - HISTCONTROL
- T1685.001 - Disable or Modify Windows Event Log
- T1114 - Email Collection
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1049 - System Network Connections Discovery
- T1057 - Process Discovery
- T1102.003 - One-Way Communication
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1488 - Disk Content Wipe
- T1065 - Uncommonly Used Port
- T1546.016 - Installer Packages
- T1209 - Time Providers
- T1574.002 - DLL Side-Loading
- T1578.001 - Create Snapshot
Score: 59.47
Matched TTPs:
- T1216.001 - PubPrn
- T1024 - Custom Cryptographic Protocol
- T1547.005 - Security Support Provider
- T1019 - System Firmware
- T1193 - Spearphishing Attachment
- T1045 - Software Packing
- T1136.002 - Domain Account
- T1175 - Component Object Model and Distributed COM
- T1619 - Cloud Storage Object Discovery
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1592.003 - Firmware
- T1137.004 - Outlook Home Page
- T1030 - Data Transfer Size Limits
- T1065 - Uncommonly Used Port
- T1564.003 - Hidden Window
- T1132.002 - Non-Standard Encoding
- T1588.005 - Exploits
Score: 7.58
Matched TTPs:
- T1491.002 - External Defacement
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1199 - Trusted Relationship
- T1218.010 - Regsvr32
Score: 7.18
Matched TTPs:
- T1491.002 - External Defacement
- T1219.001 - IDE Tunneling
- T1059.012 - Hypervisor CLI
- T1547.008 - LSASS Driver
Score: 7.66
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
Score: 8.74
Matched TTPs:
- T1491.002 - External Defacement
- T1219.001 - IDE Tunneling
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1578.001 - Create Snapshot
Score: 12.21
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1115 - Clipboard Data
- T1098.007 - Additional Local or Domain Groups
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
Score: 51.46
Matched TTPs:
- T1491.002 - External Defacement
- T1685.001 - Disable or Modify Windows Event Log
- T1566.002 - Spearphishing Link
- T1024 - Custom Cryptographic Protocol
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1152 - Launchctl
- T1555.003 - Credentials from Web Browsers
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1592.003 - Firmware
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
- T1197 - BITS Jobs
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
- T1566.003 - Spearphishing via Service
Score: 4.32
Matched TTPs:
- T1491.002 - External Defacement
- T1219.001 - IDE Tunneling
- T1157 - Dylib Hijacking
Score: 42.95
Matched TTPs:
- T1491.002 - External Defacement
- T1685.001 - Disable or Modify Windows Event Log
- T1484.002 - Trust Modification
- T1543.003 - Windows Service
- T1024 - Custom Cryptographic Protocol
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1554 - Compromise Host Software Binary
- T1055.014 - VDSO Hijacking
- T1157 - Dylib Hijacking
- T1488 - Disk Content Wipe
- T1592.003 - Firmware
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
- T1027.018 - Invisible Unicode
Score: 19.94
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1089 - Disabling Security Tools
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1657 - Financial Theft
- T1218.010 - Regsvr32
- T1027.018 - Invisible Unicode
- T1578.001 - Create Snapshot
Score: 13.90
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1547.002 - Authentication Package
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 45.24
Matched TTPs:
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1183 - Image File Execution Options Injection
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1606.001 - Web Cookies
- T1057 - Process Discovery
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
- T1209 - Time Providers
- T1578.001 - Create Snapshot
- T1547.008 - LSASS Driver
Score: 13.26
Matched TTPs:
- T1491.002 - External Defacement
- T1091 - Replication Through Removable Media
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1218.010 - Regsvr32
- T1030 - Data Transfer Size Limits
- T1027.018 - Invisible Unicode
Score: 10.26
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1027.018 - Invisible Unicode
Score: 12.19
Matched TTPs:
- T1491.002 - External Defacement
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1199 - Trusted Relationship
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
Score: 15.34
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1136.002 - Domain Account
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1027.018 - Invisible Unicode
Score: 7.41
Matched TTPs:
- T1491.002 - External Defacement
- T1089 - Disabling Security Tools
- T1218.010 - Regsvr32
- T1578.001 - Create Snapshot
Score: 5.94
Matched TTPs:
- T1491.002 - External Defacement
- T1089 - Disabling Security Tools
- T1199 - Trusted Relationship
- T1059.012 - Hypervisor CLI
Score: 20.76
Matched TTPs:
- T1491.002 - External Defacement
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1157 - Dylib Hijacking
- T1656 - Impersonation
- T1209 - Time Providers
- T1588.005 - Exploits
Score: 27.74
Matched TTPs:
- T1491.002 - External Defacement
- T1584.008 - Network Devices
- T1089 - Disabling Security Tools
- T1115 - Clipboard Data
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1218.003 - CMSTP
- T1555.003 - Credentials from Web Browsers
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1209 - Time Providers
Score: 17.35
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1136.002 - Domain Account
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1027.018 - Invisible Unicode
Score: 4.12
Matched TTPs:
- T1491.002 - External Defacement
- T1552.003 - Shell History
Score: 55.12
Matched TTPs:
- T1491.002 - External Defacement
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1024 - Custom Cryptographic Protocol
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1187 - Forced Authentication
- T1592.003 - Firmware
- T1547.002 - Authentication Package
- T1059.012 - Hypervisor CLI
- T1209 - Time Providers
- T1098.002 - Additional Email Delegate Permissions
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 26.30
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1199 - Trusted Relationship
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1567.003 - Exfiltration to Text Storage Sites
- T1030 - Data Transfer Size Limits
- T1547.008 - LSASS Driver
Score: 4.78
Matched TTPs:
- T1491.002 - External Defacement
- T1045 - Software Packing
- T1199 - Trusted Relationship
Score: 9.65
Matched TTPs:
- T1491.002 - External Defacement
- T1089 - Disabling Security Tools
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
- T1218.010 - Regsvr32
- T1209 - Time Providers
Score: 4.40
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
Score: 6.27
Matched TTPs:
- T1491.002 - External Defacement
- T1089 - Disabling Security Tools
- T1199 - Trusted Relationship
- T1039 - Data from Network Shared Drive
Score: 14.96
Matched TTPs:
- T1491.002 - External Defacement
- T1584.008 - Network Devices
- T1089 - Disabling Security Tools
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1209 - Time Providers
Score: 8.64
Matched TTPs:
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1199 - Trusted Relationship
Score: 25.24
Matched TTPs:
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1009 - Binary Padding
- T1071.003 - Mail Protocols
- T1219.001 - IDE Tunneling
- T1597 - Search Closed Sources
- T1519 - Emond
- T1209 - Time Providers
Score: 7.57
Matched TTPs:
- T1491.002 - External Defacement
- T1136.002 - Domain Account
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 3.39
Matched TTPs:
- T1491.002 - External Defacement
- T1597 - Search Closed Sources
Score: 37.07
Matched TTPs:
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1574.014 - AppDomainManager
- T1024 - Custom Cryptographic Protocol
- T1091 - Replication Through Removable Media
- T1005 - Data from Local System
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 35.62
Matched TTPs:
- T1491.002 - External Defacement
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1089 - Disabling Security Tools
- T1115 - Clipboard Data
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 26.04
Matched TTPs:
- T1491.002 - External Defacement
- T1606.002 - SAML Tokens
- T1566.002 - Spearphishing Link
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1175 - Component Object Model and Distributed COM
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1197 - BITS Jobs
- T1547.008 - LSASS Driver
Score: 13.41
Matched TTPs:
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1136.002 - Domain Account
- T1187 - Forced Authentication
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
Score: 28.21
Matched TTPs:
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1027.008 - Stripped Payloads
- T1555.003 - Credentials from Web Browsers
- T1059 - Command and Scripting Interpreter
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1049 - System Network Connections Discovery
- T1608.005 - Link Target
- T1039 - Data from Network Shared Drive
- T1203 - Exploitation for Client Execution
Score: 48.93
Matched TTPs:
- T1539 - Steal Web Session Cookie
- T1584.008 - Network Devices
- T1089 - Disabling Security Tools
- T1574.008 - Path Interception by Search Order Hijacking
- T1177 - LSASS Driver
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1041 - Exfiltration Over C2 Channel
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1218.010 - Regsvr32
- T1002 - Data Compressed
- T1030 - Data Transfer Size Limits
- T1564.003 - Hidden Window
- T1209 - Time Providers
- T1574.002 - DLL Side-Loading
- T1008 - Fallback Channels
Score: 8.66
Matched TTPs:
- T1539 - Steal Web Session Cookie
- T1558 - Steal or Forge Kerberos Tickets
- T1218.012 - Verclsid
Score: 29.26
Matched TTPs:
- T1685.001 - Disable or Modify Windows Event Log
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1608.005 - Link Target
- T1039 - Data from Network Shared Drive
- T1547.002 - Authentication Package
- T1197 - BITS Jobs
- T1608.006 - SEO Poisoning
- T1027.018 - Invisible Unicode
- T1578.001 - Create Snapshot
Score: 10.29
Matched TTPs:
- T1584.008 - Network Devices
- T1089 - Disabling Security Tools
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
- T1027.018 - Invisible Unicode
Score: 11.65
Matched TTPs:
- T1584.008 - Network Devices
- T1089 - Disabling Security Tools
- T1555.003 - Credentials from Web Browsers
- T1557.003 - DHCP Spoofing
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
Score: 32.08
Matched TTPs:
- T1584.008 - Network Devices
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1024 - Custom Cryptographic Protocol
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1608.006 - SEO Poisoning
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 19.74
Matched TTPs:
- T1584.008 - Network Devices
- T1606.002 - SAML Tokens
- T1089 - Disabling Security Tools
- T1558 - Steal or Forge Kerberos Tickets
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
- T1552.003 - Shell History
- T1199 - Trusted Relationship
- T1209 - Time Providers
Score: 36.98
Matched TTPs:
- T1584.008 - Network Devices
- T1566.002 - Spearphishing Link
- T1115 - Clipboard Data
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1193 - Spearphishing Attachment
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1657 - Financial Theft
- T1041 - Exfiltration Over C2 Channel
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
Score: 12.11
Matched TTPs:
- T1584.008 - Network Devices
- T1606.002 - SAML Tokens
- T1027.008 - Stripped Payloads
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
Score: 9.50
Matched TTPs:
- T1584.008 - Network Devices
- T1027.008 - Stripped Payloads
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
Score: 16.29
Matched TTPs:
- T1584.008 - Network Devices
- T1543.003 - Windows Service
- T1038 - DLL Search Order Hijacking
- T1183 - Image File Execution Options Injection
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1027.018 - Invisible Unicode
Score: 15.67
Matched TTPs:
- T1114 - Email Collection
- T1566.002 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
Score: 24.27
Matched TTPs:
- T1114 - Email Collection
- T1543.003 - Windows Service
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1149 - LC_MAIN Hijacking
- T1690 - Prevent Command History Logging
- T1218.010 - Regsvr32
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 6.66
Matched TTPs:
- T1114 - Email Collection
- T1608.005 - Link Target
- T1027.018 - Invisible Unicode
Score: 21.24
Matched TTPs:
- T1499.003 - Application Exhaustion Flood
- T1177 - LSASS Driver
- T1175 - Component Object Model and Distributed COM
- T1049 - System Network Connections Discovery
- T1562.013 - Disable or Modify Network Device Firewall
- T1157 - Dylib Hijacking
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
Score: 25.71
Matched TTPs:
- T1499.003 - Application Exhaustion Flood
- T1024 - Custom Cryptographic Protocol
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1055.014 - VDSO Hijacking
- T1199 - Trusted Relationship
- T1547.002 - Authentication Package
- T1065 - Uncommonly Used Port
Score: 28.24
Matched TTPs:
- T1606.002 - SAML Tokens
- T1009 - Binary Padding
- T1021.006 - Windows Remote Management
- T1136.002 - Domain Account
- T1219.001 - IDE Tunneling
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1488 - Disk Content Wipe
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1578.001 - Create Snapshot
Score: 20.10
Matched TTPs:
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1115 - Clipboard Data
- T1091 - Replication Through Removable Media
- T1136.002 - Domain Account
- T1219.001 - IDE Tunneling
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1027.018 - Invisible Unicode
Score: 9.82
Matched TTPs:
- T1606.002 - SAML Tokens
- T1608.002 - Upload Tool
- T1009 - Binary Padding
- T1199 - Trusted Relationship
Score: 9.99
Matched TTPs:
- T1606.002 - SAML Tokens
- T1219.001 - IDE Tunneling
- T1552.003 - Shell History
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
Score: 7.92
Matched TTPs:
- T1606.002 - SAML Tokens
- T1558 - Steal or Forge Kerberos Tickets
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1218.010 - Regsvr32
Score: 7.97
Matched TTPs:
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1219.001 - IDE Tunneling
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 34.59
Matched TTPs:
- T1606.002 - SAML Tokens
- T1063 - Security Software Discovery
- T1543.003 - Windows Service
- T1045 - Software Packing
- T1136.002 - Domain Account
- T1219.001 - IDE Tunneling
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1218.001 - Compiled HTML File
- T1039 - Data from Network Shared Drive
- T1547.002 - Authentication Package
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
- T1027.018 - Invisible Unicode
- T1578.001 - Create Snapshot
Score: 43.01
Matched TTPs:
- T1606.002 - SAML Tokens
- T1543.003 - Windows Service
- T1115 - Clipboard Data
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1011.001 - Exfiltration Over Bluetooth
- T1218.012 - Verclsid
- T1584.005 - Botnet
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1547.002 - Authentication Package
- T1065 - Uncommonly Used Port
- T1027.018 - Invisible Unicode
- T1578.001 - Create Snapshot
Score: 55.13
Matched TTPs:
- T1685.004 - Disable or Modify Linux Audit System Log
- T1566.002 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1019 - System Firmware
- T1045 - Software Packing
- T1136.002 - Domain Account
- T1219.001 - IDE Tunneling
- T1552.003 - Shell History
- T1619 - Cloud Storage Object Discovery
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1030 - Data Transfer Size Limits
- T1197 - BITS Jobs
- T1564.003 - Hidden Window
- T1027.002 - Software Packing
- T1588.005 - Exploits
Score: 12.62
Matched TTPs:
- T1685.004 - Disable or Modify Linux Audit System Log
- T1574.008 - Path Interception by Search Order Hijacking
- T1552.003 - Shell History
- T1027 - Obfuscated Files or Information
Score: 16.74
Matched TTPs:
- T1063 - Security Software Discovery
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1203 - Exploitation for Client Execution
- T1209 - Time Providers
- T1547.008 - LSASS Driver
Score: 8.65
Matched TTPs:
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1199 - Trusted Relationship
- T1218.010 - Regsvr32
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 24.49
Matched TTPs:
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1518.002 - Backup Software Discovery
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
- T1059.013 - Container CLI/API
- T1027.018 - Invisible Unicode
Score: 9.95
Matched TTPs:
- T1543.003 - Windows Service
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1218.010 - Regsvr32
- T1027.018 - Invisible Unicode
Score: 4.57
Matched TTPs:
- T1543.003 - Windows Service
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
Score: 17.40
Matched TTPs:
- T1543.003 - Windows Service
- T1115 - Clipboard Data
- T1091 - Replication Through Removable Media
- T1557.003 - DHCP Spoofing
- T1059.012 - Hypervisor CLI
- T1543.002 - Systemd Service
- T1027.018 - Invisible Unicode
Score: 4.54
Matched TTPs:
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1027.018 - Invisible Unicode
Score: 9.52
Matched TTPs:
- T1543.003 - Windows Service
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1027.018 - Invisible Unicode
Score: 13.29
Matched TTPs:
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1177 - LSASS Driver
- T1219.001 - IDE Tunneling
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1027.018 - Invisible Unicode
Score: 8.56
Matched TTPs:
- T1543.003 - Windows Service
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1136.002 - Domain Account
- T1199 - Trusted Relationship
Score: 9.28
Matched TTPs:
- T1543.003 - Windows Service
- T1558 - Steal or Forge Kerberos Tickets
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
Score: 13.14
Matched TTPs:
- T1543.003 - Windows Service
- T1518.002 - Backup Software Discovery
- T1199 - Trusted Relationship
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
- T1209 - Time Providers
- T1027.018 - Invisible Unicode
Score: 4.23
Matched TTPs:
- T1543.003 - Windows Service
- T1157 - Dylib Hijacking
- T1027.018 - Invisible Unicode
Score: 29.54
Matched TTPs:
- T1543.003 - Windows Service
- T1089 - Disabling Security Tools
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1557.003 - DHCP Spoofing
- T1045 - Software Packing
- T1136.002 - Domain Account
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1218.001 - Compiled HTML File
- T1059.012 - Hypervisor CLI
- T1546.016 - Installer Packages
- T1027.018 - Invisible Unicode
Score: 5.47
Matched TTPs:
- T1543.003 - Windows Service
- T1024 - Custom Cryptographic Protocol
- T1027.018 - Invisible Unicode
Score: 15.69
Matched TTPs:
- T1543.003 - Windows Service
- T1566.002 - Spearphishing Link
- T1089 - Disabling Security Tools
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
- T1008 - Fallback Channels
Score: 15.30
Matched TTPs:
- T1543.003 - Windows Service
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1136.002 - Domain Account
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1027.018 - Invisible Unicode
Score: 17.25
Matched TTPs:
- T1543.003 - Windows Service
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1175 - Component Object Model and Distributed COM
- T1199 - Trusted Relationship
- T1030 - Data Transfer Size Limits
- T1132.002 - Non-Standard Encoding
Score: 27.37
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1115 - Clipboard Data
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1557.003 - DHCP Spoofing
- T1183 - Image File Execution Options Injection
- T1175 - Component Object Model and Distributed COM
- T1218.001 - Compiled HTML File
- T1059.012 - Hypervisor CLI
- T1578.001 - Create Snapshot
- T1547.008 - LSASS Driver
Score: 21.26
Matched TTPs:
- T1089 - Disabling Security Tools
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1592.003 - Firmware
- T1059.003 - Windows Command Shell
- T1132.002 - Non-Standard Encoding
- T1209 - Time Providers
- T1578.001 - Create Snapshot
Score: 12.49
Matched TTPs:
- T1089 - Disabling Security Tools
- T1574.008 - Path Interception by Search Order Hijacking
- T1045 - Software Packing
- T1552.003 - Shell History
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
Score: 11.30
Matched TTPs:
- T1089 - Disabling Security Tools
- T1009 - Binary Padding
- T1219.001 - IDE Tunneling
- T1597 - Search Closed Sources
- T1566.003 - Spearphishing via Service
Score: 6.79
Matched TTPs:
- T1089 - Disabling Security Tools
- T1059.012 - Hypervisor CLI
- T1008 - Fallback Channels
Score: 7.09
Matched TTPs:
- T1089 - Disabling Security Tools
- T1555.003 - Credentials from Web Browsers
- T1039 - Data from Network Shared Drive
- T1218.010 - Regsvr32
Score: 6.84
Matched TTPs:
- T1089 - Disabling Security Tools
- T1136.002 - Domain Account
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
Score: 17.00
Matched TTPs:
- T1089 - Disabling Security Tools
- T1558 - Steal or Forge Kerberos Tickets
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
- T1578.001 - Create Snapshot
- T1008 - Fallback Channels
Score: 9.67
Matched TTPs:
- T1089 - Disabling Security Tools
- T1091 - Replication Through Removable Media
- T1218.012 - Verclsid
- T1657 - Financial Theft
Score: 3.50
Matched TTPs:
- T1089 - Disabling Security Tools
- T1209 - Time Providers
Score: 11.24
Matched TTPs:
- T1089 - Disabling Security Tools
- T1555.003 - Credentials from Web Browsers
- T1136.002 - Domain Account
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
- T1209 - Time Providers
Score: 4.13
Matched TTPs:
- T1574.014 - AppDomainManager
Score: 7.05
Matched TTPs:
- T1024 - Custom Cryptographic Protocol
- T1098.007 - Additional Local or Domain Groups
- T1608.005 - Link Target
- T1199 - Trusted Relationship
Score: 42.84
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1098.007 - Additional Local or Domain Groups
- T1045 - Software Packing
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1608.005 - Link Target
- T1606.001 - Web Cookies
- T1554 - Compromise Host Software Binary
- T1055.014 - VDSO Hijacking
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1061 - Graphical User Interface
- T1547.002 - Authentication Package
- T1203 - Exploitation for Client Execution
- T1059.013 - Container CLI/API
- T1027.018 - Invisible Unicode
Score: 21.87
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1175 - Component Object Model and Distributed COM
- T1606.001 - Web Cookies
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1209 - Time Providers
Score: 12.62
Matched TTPs:
- T1137.005 - Outlook Rules
- T1552.003 - Shell History
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
Score: 21.91
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1219.001 - IDE Tunneling
- T1218.012 - Verclsid
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1493 - Transmitted Data Manipulation
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
Score: 18.81
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1558 - Steal or Forge Kerberos Tickets
- T1548 - Abuse Elevation Control Mechanism
- T1175 - Component Object Model and Distributed COM
- T1219.001 - IDE Tunneling
- T1218.001 - Compiled HTML File
- T1059.012 - Hypervisor CLI
- T1027.018 - Invisible Unicode
Score: 8.71
Matched TTPs:
- T1558 - Steal or Forge Kerberos Tickets
- T1039 - Data from Network Shared Drive
- T1203 - Exploitation for Client Execution
- T1059.012 - Hypervisor CLI
Score: 8.97
Matched TTPs:
- T1055.003 - Thread Execution Hijacking
- T1045 - Software Packing
- T1039 - Data from Network Shared Drive
Score: 29.07
Matched TTPs:
- T1218.003 - CMSTP
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1219.001 - IDE Tunneling
- T1552.003 - Shell History
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1598 - Phishing for Information
- T1209 - Time Providers
Score: 7.01
Matched TTPs:
- T1009 - Binary Padding
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1547.002 - Authentication Package
Score: 12.81
Matched TTPs:
- T1009 - Binary Padding
- T1597 - Search Closed Sources
- T1059.013 - Container CLI/API
- T1209 - Time Providers
- T1008 - Fallback Channels
Score: 8.83
Matched TTPs:
- T1009 - Binary Padding
- T1219.001 - IDE Tunneling
- T1203 - Exploitation for Client Execution
- T1547.008 - LSASS Driver
Score: 5.05
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
Score: 5.90
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1002 - Data Compressed
Score: 3.19
Matched TTPs:
- T1045 - Software Packing
- T1199 - Trusted Relationship
Score: 5.41
Matched TTPs:
- T1045 - Software Packing
- T1219.001 - IDE Tunneling
- T1059.012 - Hypervisor CLI
Score: 9.02
Matched TTPs:
- T1045 - Software Packing
- T1608.005 - Link Target
- T1199 - Trusted Relationship
- T1157 - Dylib Hijacking
- T1547.002 - Authentication Package
Score: 3.91
Matched TTPs:
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1209 - Time Providers
Score: 5.68
Matched TTPs:
- T1219.001 - IDE Tunneling
- T1199 - Trusted Relationship
- T1059.012 - Hypervisor CLI
- T1209 - Time Providers
Score: 13.99
Matched TTPs:
- T1552.003 - Shell History
- T1199 - Trusted Relationship
- T1562.013 - Disable or Modify Network Device Firewall
- T1597 - Search Closed Sources
- T1157 - Dylib Hijacking
- T1027 - Obfuscated Files or Information
- T1209 - Time Providers
Score: 5.81
Matched TTPs:
- T1552.003 - Shell History
- T1562.013 - Disable or Modify Network Device Firewall
Score: 4.86
Matched TTPs:
- T1552.003 - Shell History
- T1027 - Obfuscated Files or Information
Score: 6.14
Matched TTPs:
- T1552.003 - Shell History
- T1041 - Exfiltration Over C2 Channel
Score: 5.45
Matched TTPs:
- T1608.005 - Link Target
- T1656 - Impersonation
Score: 3.29
Matched TTPs:
- T1562.013 - Disable or Modify Network Device Firewall
Score: 3.19
Matched TTPs:
- T1157 - Dylib Hijacking
- T1209 - Time Providers
Score: 5.66
Matched TTPs:
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
- T1059.012 - Hypervisor CLI
Score: 3.89
Matched TTPs:
- T1547.002 - Authentication Package
- T1218.010 - Regsvr32
Score: 4.09
Matched TTPs:
- T1218.010 - Regsvr32
- T1578.001 - Create Snapshot
Threat actors related to this Pulse (inference-based)
Score: 0.70
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1656 - Impersonation
- T1690 - Prevent Command History Logging
- T1683.001 - Written Content
- T1098.007 - Additional Local or Domain Groups
- T1037 - Boot or Logon Initialization Scripts
- T1547.002 - Authentication Package
- T1030 - Data Transfer Size Limits
- T1197 - BITS Jobs
- T1114 - Email Collection
- T1003.003 - NTDS
- T1008 - Fallback Channels
- T1562.013 - Disable or Modify Network Device Firewall
- T1041 - Exfiltration Over C2 Channel
- T1009 - Binary Padding
- T1152 - Launchctl
- T1597 - Search Closed Sources
- T1543.003 - Windows Service
- T1055.014 - VDSO Hijacking
- T1057 - Process Discovery
- T1091 - Replication Through Removable Media
- T1218.012 - Verclsid
- T1566.002 - Spearphishing Link
- T1024 - Custom Cryptographic Protocol
- T1606.002 - SAML Tokens
- T1608.005 - Link Target
- T1102.003 - One-Way Communication
- T1027.018 - Invisible Unicode
- T1219.001 - IDE Tunneling
- T1132.002 - Non-Standard Encoding
- T1033 - System Owner/User Discovery
- T1552.003 - Shell History
- T1183 - Image File Execution Options Injection
- T1199 - Trusted Relationship
- T1557.003 - DHCP Spoofing
Score: 0.58
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1045 - Software Packing
- T1098.007 - Additional Local or Domain Groups
- T1547.002 - Authentication Package
- T1005 - Data from Local System
- T1063 - Security Software Discovery
- T1111 - Multi-Factor Authentication Interception
- T1218.010 - Regsvr32
- T1564.008 - Email Hiding Rules
- T1114 - Email Collection
- T1027 - Obfuscated Files or Information
- T1187 - Forced Authentication
- T1543.003 - Windows Service
- T1075 - Pass the Hash
- T1546.016 - Installer Packages
- T1558 - Steal or Forge Kerberos Tickets
- T1157 - Dylib Hijacking
- T1091 - Replication Through Removable Media
- T1566.002 - Spearphishing Link
- T1606.002 - SAML Tokens
- T1102.003 - One-Way Communication
- T1027.018 - Invisible Unicode
- T1219.001 - IDE Tunneling
- T1033 - System Owner/User Discovery
- T1049 - System Network Connections Discovery
- T1193 - Spearphishing Attachment
- T1183 - Image File Execution Options Injection
- T1199 - Trusted Relationship
- T1557.003 - DHCP Spoofing
- T1484.002 - Trust Modification
Related CVEs
No CVEs were found for this Pulse.