New A0Backdoor Linked to Teams Impersonation and Quick Assist Social Engineering
概要
A new backdoor, dubbed A0Backdoor, has been discovered in connection with a campaign using email bombing and IT-support impersonation over Microsoft Teams to gain Quick Assist access. The malware's loader exhibits anti-sandbox evasion techniques, and the campaign's command-and-control has shifted to a covert DNS mail exchange-based channel. This activity is attributed to the threat group Blitz Brigantine, also known as Storm-1811 or STAC5777, and shows similarities to Black Basta-linked social-engineering tactics. The attackers use digitally signed MSI packages, often hosted on Microsoft cloud storage, to deliver their proprietary tooling. The A0Backdoor employs sophisticated techniques such as time-based execution windows, runtime decryption, and DNS tunneling for covert communication. The campaign has been active since August 2025, targeting primarily the finance and health sectors.
Created: 2026-03-09
Indicators
類似Pulses
類似するPulseは見つかりませんでした。
このPulseに関連する脅威アクター (事実ベース)
Score: 37.51
Matched TTPs:
- T1560.001 - Archive via Utility
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1589.002 - Email Addresses
- T1593.003 - Code Repositories
- T1592.004 - Client Configurations
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1199 - Trusted Relationship
- T1068 - Exploitation for Privilege Escalation
- T1018 - Remote System Discovery
- T1003.003 - NTDS
MITREへのリンク →
Score: 38.13
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1090.002 - External Proxy
- T1083 - File and Directory Discovery
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1039 - Data from Network Shared Drive
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1003.003 - NTDS
MITREへのリンク →
Score: 44.49
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1518.002 - Backup Software Discovery
- T1112 - Modify Registry
- T1547.004 - Winlogon Helper DLL
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1570 - Lateral Tool Transfer
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
- T1003.003 - NTDS
- T1569.002 - Service Execution
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 12.15
Matched TTPs:
- T1560.001 - Archive via Utility
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1040 - Network Sniffing
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 34.88
Matched TTPs:
- T1560.001 - Archive via Utility
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1210 - Exploitation of Remote Services
- T1039 - Data from Network Shared Drive
- T1078 - Valid Accounts
- T1012 - Query Registry
- T1585 - Establish Accounts
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1213.005 - Messaging Applications
MITREへのリンク →
Score: 4.78
Matched TTPs:
- T1560.001 - Archive via Utility
- T1090 - Proxy
- T1588.002 - Tool
MITREへのリンク →
Score: 101.29
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1584.008 - Network Devices
- T1069 - Permission Groups Discovery
- T1497.001 - System Checks
- T1007 - System Service Discovery
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1218 - System Binary Proxy Execution
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1589.002 - Email Addresses
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1584.005 - Botnet
- T1654 - Log Enumeration
- T1057 - Process Discovery
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1587.004 - Exploits
- T1570 - Lateral Tool Transfer
- T1012 - Query Registry
- T1614 - System Location Discovery
- T1591.004 - Identify Roles
- T1584.004 - Server
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1596.005 - Scan Databases
- T1003.003 - NTDS
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 15.85
Matched TTPs:
- T1560.001 - Archive via Utility
- T1114.001 - Local Email Collection
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1588.001 - Malware
- T1057 - Process Discovery
- T1588.002 - Tool
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 85.64
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1557 - Adversary-in-the-Middle
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1176.002 - IDE Extensions
- T1027.016 - Junk Code Insertion
- T1219.001 - IDE Tunneling
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1218.005 - Mshta
- T1608 - Stage Capabilities
- T1654 - Log Enumeration
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1593 - Search Open Websites/Domains
- T1678 - Delay Execution
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1203 - Exploitation for Client Execution
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
- T1622 - Debugger Evasion
- T1027.007 - Dynamic API Resolution
- T1003.003 - NTDS
MITREへのリンク →
Score: 22.14
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1057 - Process Discovery
- T1048 - Exfiltration Over Alternative Protocol
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 48.26
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1114.001 - Local Email Collection
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1588.002 - Tool
- T1039 - Data from Network Shared Drive
- T1078 - Valid Accounts
- T1589.001 - Credentials
- T1570 - Lateral Tool Transfer
- T1012 - Query Registry
- T1556.001 - Domain Controller Authentication
- T1111 - Multi-Factor Authentication Interception
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1003.003 - NTDS
- T1569.002 - Service Execution
- T1124 - System Time Discovery
MITREへのリンク →
Score: 8.29
Matched TTPs:
- T1560.001 - Archive via Utility
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1027 - Obfuscated Files or Information
MITREへのリンク →
Score: 37.15
Matched TTPs:
- T1560.001 - Archive via Utility
- T1557 - Adversary-in-the-Middle
- T1583 - Acquire Infrastructure
- T1583.002 - DNS Server
- T1114.001 - Local Email Collection
- T1190 - Exploit Public-Facing Application
- T1583.003 - Virtual Private Server
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1584.002 - DNS Server
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 30.42
Matched TTPs:
- T1560.001 - Archive via Utility
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1059.010 - AutoHotKey & AutoIT
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1090.002 - External Proxy
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1569.002 - Service Execution
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 30.27
Matched TTPs:
- T1560.001 - Archive via Utility
- T1114.001 - Local Email Collection
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1199 - Trusted Relationship
- T1056.002 - GUI Input Capture
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1537 - Transfer Data to Cloud Account
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 23.51
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1583.005 - Botnet
- T1190 - Exploit Public-Facing Application
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1654 - Log Enumeration
- T1057 - Process Discovery
- T1554 - Compromise Host Software Binary
MITREへのリンク →
Score: 19.78
Matched TTPs:
- T1560.001 - Archive via Utility
- T1583 - Acquire Infrastructure
- T1003.002 - Security Account Manager
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1562.001 - Disable or Modify Tools
- T1570 - Lateral Tool Transfer
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 26.05
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1003.002 - Security Account Manager
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1090.002 - External Proxy
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1027 - Obfuscated Files or Information
- T1036.003 - Rename Legitimate Utilities
- T1570 - Lateral Tool Transfer
- T1018 - Remote System Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 81.34
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1568.002 - Domain Generation Algorithms
- T1069 - Permission Groups Discovery
- T1003.002 - Security Account Manager
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1546.008 - Accessibility Features
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1071.002 - File Transfer Protocols
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1595.003 - Wordlist Scanning
- T1570 - Lateral Tool Transfer
- T1012 - Query Registry
- T1656 - Impersonation
- T1213.003 - Code Repositories
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1596.005 - Scan Databases
- T1003.003 - NTDS
- T1569.002 - Service Execution
- T1480.001 - Environmental Keying
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 53.39
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1559.001 - Component Object Model
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1218.003 - CMSTP
- T1090.002 - External Proxy
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 79.35
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1040 - Network Sniffing
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1557.004 - Evil Twin
- T1595.002 - Vulnerability Scanning
- T1090.002 - External Proxy
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1039 - Data from Network Shared Drive
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
- T1498 - Network Denial of Service
- T1550.002 - Pass the Hash
- T1003.003 - NTDS
- T1211 - Exploitation for Defense Evasion
MITREへのリンク →
Score: 66.69
Matched TTPs:
- T1560.001 - Archive via Utility
- T1564.012 - File/Path Exclusions
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1584.003 - Virtual Private Server
- T1140 - Deobfuscate/Decode Files or Information
- T1112 - Modify Registry
- T1547.004 - Winlogon Helper DLL
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1584.006 - Web Services
- T1068 - Exploitation for Privilege Escalation
- T1102.002 - Bidirectional Communication
- T1570 - Lateral Tool Transfer
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1555.004 - Windows Credential Manager
- T1189 - Drive-by Compromise
- T1584.004 - Server
- T1018 - Remote System Discovery
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 5.93
Matched TTPs:
- T1560.001 - Archive via Utility
- T1083 - File and Directory Discovery
- T1039 - Data from Network Shared Drive
MITREへのリンク →
Score: 38.55
Matched TTPs:
- T1560.001 - Archive via Utility
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1550.003 - Pass the Ticket
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1039 - Data from Network Shared Drive
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1518 - Software Discovery
- T1124 - System Time Discovery
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 44.09
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1554 - Compromise Host Software Binary
- T1212 - Exploitation for Credential Access
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1587.004 - Exploits
- T1203 - Exploitation for Client Execution
- T1570 - Lateral Tool Transfer
- T1124 - System Time Discovery
MITREへのリンク →
Score: 100.50
Matched TTPs:
- T1560.001 - Archive via Utility
- T1557 - Adversary-in-the-Middle
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1040 - Network Sniffing
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1027.016 - Junk Code Insertion
- T1589.002 - Email Addresses
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1657 - Financial Theft
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1591 - Gather Victim Org Information
- T1071.002 - File Transfer Protocols
- T1534 - Internal Spearphishing
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1218.010 - Regsvr32
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1585 - Establish Accounts
- T1111 - Multi-Factor Authentication Interception
- T1550.002 - Pass the Hash
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 24.41
Matched TTPs:
- T1560.001 - Archive via Utility
- T1069 - Permission Groups Discovery
- T1574.001 - DLL
- T1090.002 - External Proxy
- T1546.008 - Accessibility Features
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1203 - Exploitation for Client Execution
- T1036.010 - Masquerade Account Name
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 23.84
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1112 - Modify Registry
- T1055.004 - Asynchronous Procedure Call
- T1102 - Web Service
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 32.97
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1583.005 - Botnet
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1027 - Obfuscated Files or Information
- T1614.001 - System Language Discovery
- T1018 - Remote System Discovery
- T1003.003 - NTDS
- T1569.002 - Service Execution
MITREへのリンク →
Score: 22.18
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1112 - Modify Registry
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1012 - Query Registry
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 44.12
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1069 - Permission Groups Discovery
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1134.003 - Make and Impersonate Token
- T1588.002 - Tool
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1003.003 - NTDS
- T1556 - Modify Authentication Process
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 46.96
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1090 - Proxy
- T1588.001 - Malware
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1584.006 - Web Services
- T1027 - Obfuscated Files or Information
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
- T1584.004 - Server
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 70.94
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1114.001 - Local Email Collection
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1562 - Impair Defenses
- T1190 - Exploit Public-Facing Application
- T1589 - Gather Victim Identity Information
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1589.002 - Email Addresses
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1573 - Encrypted Channel
- T1592.002 - Software
- T1589.001 - Credentials
- T1102.002 - Bidirectional Communication
- T1570 - Lateral Tool Transfer
- T1036.010 - Masquerade Account Name
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1591.001 - Determine Physical Locations
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 25.00
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1574.001 - DLL
- T1007 - System Service Discovery
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1588.001 - Malware
- T1654 - Log Enumeration
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 29.66
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1657 - Financial Theft
- T1588.002 - Tool
- T1566 - Phishing
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1570 - Lateral Tool Transfer
- T1537 - Transfer Data to Cloud Account
- T1046 - Network Service Discovery
- T1569.002 - Service Execution
MITREへのリンク →
Score: 22.48
Matched TTPs:
- T1560.001 - Archive via Utility
- T1558 - Steal or Forge Kerberos Tickets
- T1219 - Remote Access Tools
- T1657 - Financial Theft
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1531 - Account Access Removal
- T1486 - Data Encrypted for Impact
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 15.73
Matched TTPs:
- T1560.001 - Archive via Utility
- T1047 - Windows Management Instrumentation
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 13.45
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1090 - Proxy
- T1657 - Financial Theft
- T1588.002 - Tool
- T1078 - Valid Accounts
MITREへのリンク →
Score: 54.27
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1559.001 - Component Object Model
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1608.002 - Upload Tool
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1570 - Lateral Tool Transfer
- T1518.001 - Security Software Discovery
- T1650 - Acquire Access
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1569.002 - Service Execution
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 81.83
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1497.001 - System Checks
- T1566.001 - Spearphishing Attachment
- T1559.001 - Component Object Model
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1027.016 - Junk Code Insertion
- T1090 - Proxy
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1568 - Dynamic Resolution
- T1102 - Web Service
- T1218.005 - Mshta
- T1480 - Execution Guardrails
- T1027.012 - LNK Icon Smuggling
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1057 - Process Discovery
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1562.001 - Disable or Modify Tools
- T1001 - Data Obfuscation
- T1039 - Data from Network Shared Drive
- T1027 - Obfuscated Files or Information
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
MITREへのリンク →
Score: 62.49
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1608.004 - Drive-by Target
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1112 - Modify Registry
- T1027.016 - Junk Code Insertion
- T1589.002 - Email Addresses
- T1550.003 - Pass the Ticket
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1588.002 - Tool
- T1068 - Exploitation for Privilege Escalation
- T1218.010 - Regsvr32
- T1036.003 - Rename Legitimate Utilities
- T1203 - Exploitation for Client Execution
- T1570 - Lateral Tool Transfer
- T1012 - Query Registry
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1569.002 - Service Execution
MITREへのリンク →
Score: 46.28
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1584.008 - Network Devices
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1102.003 - One-Way Communication
- T1534 - Internal Spearphishing
- T1090.003 - Multi-hop Proxy
- T1078 - Valid Accounts
- T1218.010 - Regsvr32
- T1587.004 - Exploits
- T1589.001 - Credentials
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
- T1584.004 - Server
MITREへのリンク →
Score: 23.44
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1574.001 - DLL
- T1040 - Network Sniffing
- T1562.004 - Disable or Modify System Firewall
- T1083 - File and Directory Discovery
- T1562.001 - Disable or Modify Tools
- T1570 - Lateral Tool Transfer
- T1569.002 - Service Execution
- T1090.001 - Internal Proxy
- T1211 - Exploitation for Defense Evasion
MITREへのリンク →
Score: 67.43
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1587.001 - Malware
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.004 - Drive-by Target
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1562.004 - Disable or Modify System Firewall
- T1674 - Input Injection
- T1027.016 - Junk Code Insertion
- T1218.005 - Mshta
- T1608.005 - Link Target
- T1583.006 - Web Services
- T1057 - Process Discovery
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1569.002 - Service Execution
- T1124 - System Time Discovery
MITREへのリンク →
Score: 17.02
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1190 - Exploit Public-Facing Application
- T1112 - Modify Registry
- T1090 - Proxy
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1134 - Access Token Manipulation
- T1569.002 - Service Execution
MITREへのリンク →
Score: 10.15
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 77.98
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1218 - System Binary Proxy Execution
- T1010 - Application Window Discovery
- T1562.004 - Disable or Modify System Firewall
- T1090.002 - External Proxy
- T1589.002 - Email Addresses
- T1070 - Indicator Removal
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1491.001 - Internal Defacement
- T1057 - Process Discovery
- T1591 - Gather Victim Org Information
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1036.003 - Rename Legitimate Utilities
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1189 - Drive-by Compromise
- T1584.004 - Server
- T1046 - Network Service Discovery
- T1027.007 - Dynamic API Resolution
- T1124 - System Time Discovery
- T1566.003 - Spearphishing via Service
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 92.72
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1040 - Network Sniffing
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1589.002 - Email Addresses
- T1591.002 - Business Relationships
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1592.002 - Software
- T1195.002 - Compromise Software Supply Chain
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1570 - Lateral Tool Transfer
- T1499 - Endpoint Denial of Service
- T1584.004 - Server
- T1018 - Remote System Discovery
- T1590.001 - Domain Properties
- T1003.003 - NTDS
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 23.99
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1583 - Acquire Infrastructure
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1007 - System Service Discovery
- T1112 - Modify Registry
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1486 - Data Encrypted for Impact
- T1012 - Query Registry
- T1584.004 - Server
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 19.82
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1568 - Dynamic Resolution
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
MITREへのリンク →
Score: 8.92
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1057 - Process Discovery
- T1012 - Query Registry
- T1555.004 - Windows Credential Manager
MITREへのリンク →
Score: 64.02
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1003.002 - Security Account Manager
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1586.003 - Cloud Accounts
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1090.002 - External Proxy
- T1546.008 - Accessibility Features
- T1550.003 - Pass the Ticket
- T1568 - Dynamic Resolution
- T1649 - Steal or Forge Authentication Certificates
- T1218.005 - Mshta
- T1021.007 - Cloud Services
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1665 - Hide Infrastructure
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 49.66
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1497.001 - System Checks
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1057 - Process Discovery
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1203 - Exploitation for Client Execution
- T1137.004 - Outlook Home Page
- T1012 - Query Registry
- T1555.004 - Windows Credential Manager
- T1046 - Network Service Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 18.13
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1518.001 - Security Software Discovery
- T1189 - Drive-by Compromise
- T1518 - Software Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 26.31
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1102 - Web Service
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1134 - Access Token Manipulation
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1569.002 - Service Execution
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 10.63
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1546.008 - Accessibility Features
- T1057 - Process Discovery
- T1218.010 - Regsvr32
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 43.13
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1608.004 - Drive-by Target
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1608.002 - Upload Tool
- T1112 - Modify Registry
- T1210 - Exploitation of Remote Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 27.55
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1608.001 - Upload Malware
- T1070.008 - Clear Mailbox Data
- T1112 - Modify Registry
- T1070 - Indicator Removal
- T1583.003 - Virtual Private Server
- T1102 - Web Service
- T1588.002 - Tool
- T1656 - Impersonation
- T1518.001 - Security Software Discovery
- T1111 - Multi-Factor Authentication Interception
MITREへのリンク →
Score: 60.42
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1583 - Acquire Infrastructure
- T1491.002 - External Defacement
- T1003.002 - Security Account Manager
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1588.001 - Malware
- T1583.003 - Virtual Private Server
- T1654 - Log Enumeration
- T1210 - Exploitation of Remote Services
- T1090.003 - Multi-hop Proxy
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1570 - Lateral Tool Transfer
- T1585 - Establish Accounts
- T1595.001 - Scanning IP Blocks
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1550.002 - Pass the Hash
- T1588.005 - Exploits
MITREへのリンク →
Score: 58.43
Matched TTPs:
- T1047 - Windows Management Instrumentation
- T1140 - Deobfuscate/Decode Files or Information
- T1562 - Impair Defenses
- T1608.001 - Upload Malware
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1583.003 - Virtual Private Server
- T1480 - Execution Guardrails
- T1491.001 - Internal Defacement
- T1134.003 - Make and Impersonate Token
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1570 - Lateral Tool Transfer
- T1614.001 - System Language Discovery
- T1012 - Query Registry
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1569.002 - Service Execution
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 63.38
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1589 - Gather Victim Identity Information
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1657 - Financial Theft
- T1480 - Execution Guardrails
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1656 - Impersonation
- T1585 - Establish Accounts
- T1204.004 - Malicious Copy and Paste
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 21.24
Matched TTPs:
- T1583 - Acquire Infrastructure
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1589 - Gather Victim Identity Information
- T1598.002 - Spearphishing Attachment
- T1593 - Search Open Websites/Domains
- T1588.002 - Tool
- T1078 - Valid Accounts
MITREへのリンク →
Score: 3.84
Matched TTPs:
- T1027.009 - Embedded Payloads
MITREへのリンク →
Score: 34.41
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1589.002 - Email Addresses
- T1583.003 - Virtual Private Server
- T1591 - Gather Victim Org Information
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1195.002 - Compromise Software Supply Chain
- T1569.002 - Service Execution
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 72.80
Matched TTPs:
- T1597.002 - Purchase Technical Data
- T1589 - Gather Victim Identity Information
- T1589.002 - Email Addresses
- T1598.004 - Spearphishing Voice
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
- T1090 - Proxy
- T1588.001 - Malware
- T1583.003 - Virtual Private Server
- T1552.008 - Chat Messages
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1531 - Account Access Removal
- T1589.001 - Credentials
- T1584.002 - DNS Server
- T1656 - Impersonation
- T1591.004 - Identify Roles
- T1213.003 - Code Repositories
- T1111 - Multi-Factor Authentication Interception
- T1003.003 - NTDS
- T1213.005 - Messaging Applications
MITREへのリンク →
Score: 68.61
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1069 - Permission Groups Discovery
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1070.008 - Clear Mailbox Data
- T1589 - Gather Victim Identity Information
- T1598.004 - Spearphishing Voice
- T1090 - Proxy
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1657 - Financial Theft
- T1021.007 - Cloud Services
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1078 - Valid Accounts
- T1068 - Exploitation for Privilege Escalation
- T1486 - Data Encrypted for Impact
- T1656 - Impersonation
- T1213.003 - Code Repositories
- T1018 - Remote System Discovery
- T1538 - Cloud Service Dashboard
- T1003.003 - NTDS
- T1490 - Inhibit System Recovery
- T1213.005 - Messaging Applications
MITREへのリンク →
Score: 14.10
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1056.002 - GUI Input Capture
- T1090.003 - Multi-hop Proxy
- T1078 - Valid Accounts
MITREへのリンク →
Score: 18.63
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1589.002 - Email Addresses
- T1218.005 - Mshta
- T1218.010 - Regsvr32
- T1027.003 - Steganography
MITREへのリンク →
Score: 31.33
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1583.006 - Web Services
- T1090.003 - Multi-hop Proxy
- T1068 - Exploitation for Privilege Escalation
- T1102.002 - Bidirectional Communication
- T1012 - Query Registry
- T1665 - Hide Infrastructure
- T1124 - System Time Discovery
MITREへのリンク →
Score: 23.80
Matched TTPs:
- T1069 - Permission Groups Discovery
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
MITREへのリンク →
Score: 17.37
Matched TTPs:
- T1003.002 - Security Account Manager
- T1574.001 - DLL
- T1195.002 - Compromise Software Supply Chain
- T1036.003 - Rename Legitimate Utilities
- T1012 - Query Registry
- T1189 - Drive-by Compromise
- T1584.004 - Server
MITREへのリンク →
Score: 60.80
Matched TTPs:
- T1003.002 - Security Account Manager
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.004 - Drive-by Target
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1112 - Modify Registry
- T1591.002 - Business Relationships
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1598.002 - Spearphishing Attachment
- T1071.002 - File Transfer Protocols
- T1210 - Exploitation of Remote Services
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1187 - Forced Authentication
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1012 - Query Registry
- T1036.010 - Masquerade Account Name
- T1189 - Drive-by Compromise
- T1584.004 - Server
- T1018 - Remote System Discovery
- T1003.003 - NTDS
MITREへのリンク →
Score: 22.71
Matched TTPs:
- T1583.002 - DNS Server
- T1190 - Exploit Public-Facing Application
- T1546.008 - Accessibility Features
- T1583.003 - Virtual Private Server
- T1584.005 - Botnet
- T1566 - Phishing
- T1078 - Valid Accounts
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 32.20
Matched TTPs:
- T1583.002 - DNS Server
- T1204.002 - Malicious File
- T1608.001 - Upload Malware
- T1010 - Application Window Discovery
- T1589 - Gather Victim Identity Information
- T1589.002 - Email Addresses
- T1057 - Process Discovery
- T1534 - Internal Spearphishing
- T1588.002 - Tool
- T1102.002 - Bidirectional Communication
- T1591.004 - Identify Roles
- T1018 - Remote System Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 25.72
Matched TTPs:
- T1114.001 - Local Email Collection
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1036 - Masquerading
- T1595.002 - Vulnerability Scanning
- T1056.003 - Web Portal Capture
- T1583.003 - Virtual Private Server
- T1083 - File and Directory Discovery
- T1584.006 - Web Services
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 19.12
Matched TTPs:
- T1587.001 - Malware
- T1574.001 - DLL
- T1608.004 - Drive-by Target
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1588.001 - Malware
- T1083 - File and Directory Discovery
- T1608.005 - Link Target
- T1588.002 - Tool
MITREへのリンク →
Score: 14.33
Matched TTPs:
- T1587.001 - Malware
- T1040 - Network Sniffing
- T1190 - Exploit Public-Facing Application
- T1602.002 - Network Device Configuration Dump
- T1562.004 - Disable or Modify System Firewall
- T1588.002 - Tool
MITREへのリンク →
Score: 10.95
Matched TTPs:
- T1587.001 - Malware
- T1204.002 - Malicious File
- T1036 - Masquerading
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1570 - Lateral Tool Transfer
MITREへのリンク →
Score: 6.76
Matched TTPs:
- T1587.001 - Malware
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1588.002 - Tool
MITREへのリンク →
Score: 36.94
Matched TTPs:
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1140 - Deobfuscate/Decode Files or Information
- T1608.001 - Upload Malware
- T1219 - Remote Access Tools
- T1036 - Masquerading
- T1562.004 - Disable or Modify System Firewall
- T1595.002 - Vulnerability Scanning
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1057 - Process Discovery
- T1048 - Exfiltration Over Alternative Protocol
- T1562.001 - Disable or Modify Tools
- T1518.001 - Security Software Discovery
- T1595.001 - Scanning IP Blocks
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 29.45
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1219 - Remote Access Tools
- T1218.003 - CMSTP
- T1218.008 - Odbcconf
- T1588.002 - Tool
- T1068 - Exploitation for Privilege Escalation
- T1218.010 - Regsvr32
- T1195.002 - Compromise Software Supply Chain
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 26.11
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1057 - Process Discovery
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1124 - System Time Discovery
MITREへのリンク →
Score: 16.90
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1057 - Process Discovery
- T1027 - Obfuscated Files or Information
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 17.73
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1568 - Dynamic Resolution
- T1588.002 - Tool
- T1068 - Exploitation for Privilege Escalation
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 21.02
Matched TTPs:
- T1559.002 - Dynamic Data Exchange
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1112 - Modify Registry
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1189 - Drive-by Compromise
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 11.27
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1657 - Financial Theft
- T1614.001 - System Language Discovery
- T1518.001 - Security Software Discovery
MITREへのリンク →
Score: 5.55
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 6.71
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 4.92
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 11.24
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.004 - Drive-by Target
- T1568 - Dynamic Resolution
- T1203 - Exploitation for Client Execution
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 6.83
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1588.002 - Tool
- T1218.010 - Regsvr32
MITREへのリンク →
Score: 8.45
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1189 - Drive-by Compromise
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 4.80
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
MITREへのリンク →
Score: 20.18
Matched TTPs:
- T1204.002 - Malicious File
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1608.004 - Drive-by Target
- T1583.003 - Virtual Private Server
- T1584.006 - Web Services
- T1189 - Drive-by Compromise
- T1124 - System Time Discovery
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 26.19
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1547.004 - Winlogon Helper DLL
- T1083 - File and Directory Discovery
- T1057 - Process Discovery
- T1573 - Encrypted Channel
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1518.001 - Security Software Discovery
- T1046 - Network Service Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 6.38
Matched TTPs:
- T1204.002 - Malicious File
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 6.64
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1588.002 - Tool
- T1187 - Forced Authentication
MITREへのリンク →
Score: 12.25
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
- T1068 - Exploitation for Privilege Escalation
- T1189 - Drive-by Compromise
- T1056.004 - Credential API Hooking
MITREへのリンク →
Score: 15.16
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1036 - Masquerading
- T1588.001 - Malware
- T1102 - Web Service
- T1218.005 - Mshta
- T1583.006 - Web Services
MITREへのリンク →
Score: 13.50
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1057 - Process Discovery
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
MITREへのリンク →
Score: 4.95
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
MITREへのリンク →
Score: 34.49
Matched TTPs:
- T1204.002 - Malicious File
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1036 - Masquerading
- T1585.003 - Cloud Accounts
- T1588.002 - Tool
- T1486 - Data Encrypted for Impact
- T1566.004 - Spearphishing Voice
- T1667 - Email Bombing
- T1570 - Lateral Tool Transfer
- T1656 - Impersonation
- T1036.010 - Masquerade Account Name
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 19.92
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1102 - Web Service
- T1218.005 - Mshta
- T1057 - Process Discovery
- T1588.002 - Tool
- T1090.003 - Multi-hop Proxy
- T1218.010 - Regsvr32
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
MITREへのリンク →
Score: 12.70
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1589.002 - Email Addresses
- T1102 - Web Service
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 4.19
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 20.17
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1112 - Modify Registry
- T1589.002 - Email Addresses
- T1497 - Virtualization/Sandbox Evasion
- T1583.006 - Web Services
- T1562.001 - Disable or Modify Tools
- T1203 - Exploitation for Client Execution
- T1656 - Impersonation
MITREへのリンク →
Score: 5.47
Matched TTPs:
- T1204.002 - Malicious File
- T1574.001 - DLL
- T1588.002 - Tool
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 3.16
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 3.85
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1036 - Masquerading
MITREへのリンク →
Score: 7.71
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1112 - Modify Registry
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
MITREへのリンク →
Score: 12.16
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1140 - Deobfuscate/Decode Files or Information
- T1112 - Modify Registry
- T1588.002 - Tool
- T1218.010 - Regsvr32
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 20.11
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1608.001 - Upload Malware
- T1218.005 - Mshta
- T1598.002 - Spearphishing Attachment
- T1614 - System Location Discovery
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
MITREへのリンク →
Score: 12.48
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1090.002 - External Proxy
- T1210 - Exploitation of Remote Services
- T1068 - Exploitation for Privilege Escalation
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 15.78
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1588.001 - Malware
- T1057 - Process Discovery
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1027.003 - Steganography
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 39.25
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1565.003 - Runtime Data Manipulation
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1562.004 - Disable or Modify System Firewall
- T1112 - Modify Registry
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1057 - Process Discovery
- T1588.002 - Tool
- T1562.001 - Disable or Modify Tools
- T1486 - Data Encrypted for Impact
- T1036.003 - Rename Legitimate Utilities
- T1518.001 - Security Software Discovery
- T1565.002 - Transmitted Data Manipulation
- T1189 - Drive-by Compromise
- T1569.002 - Service Execution
MITREへのリンク →
Score: 8.03
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1218.007 - Msiexec
- T1140 - Deobfuscate/Decode Files or Information
- T1057 - Process Discovery
MITREへのリンク →
Score: 6.98
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1007 - System Service Discovery
- T1083 - File and Directory Discovery
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 25.21
Matched TTPs:
- T1204.002 - Malicious File
- T1497.001 - System Checks
- T1566.001 - Spearphishing Attachment
- T1140 - Deobfuscate/Decode Files or Information
- T1083 - File and Directory Discovery
- T1497 - Virtualization/Sandbox Evasion
- T1057 - Process Discovery
- T1497.002 - User Activity Based Checks
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1189 - Drive-by Compromise
- T1124 - System Time Discovery
MITREへのリンク →
Score: 7.65
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1124 - System Time Discovery
MITREへのリンク →
Score: 4.52
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1583.006 - Web Services
- T1588.002 - Tool
MITREへのリンク →
Score: 12.45
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1112 - Modify Registry
- T1090.002 - External Proxy
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
- T1569.002 - Service Execution
MITREへのリンク →
Score: 8.81
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1083 - File and Directory Discovery
- T1218.005 - Mshta
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
MITREへのリンク →
Score: 8.98
Matched TTPs:
- T1204.002 - Malicious File
- T1566.001 - Spearphishing Attachment
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1588.002 - Tool
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 31.23
Matched TTPs:
- T1484.002 - Trust Modification
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1021.007 - Cloud Services
- T1057 - Process Discovery
- T1486 - Data Encrypted for Impact
- T1218.010 - Regsvr32
- T1614.001 - System Language Discovery
- T1518.001 - Security Software Discovery
- T1537 - Transfer Data to Cloud Account
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 5.17
Matched TTPs:
- T1497.001 - System Checks
- T1574.001 - DLL
MITREへのリンク →
Score: 11.10
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1589.002 - Email Addresses
- T1608.005 - Link Target
- T1588.002 - Tool
- T1078 - Valid Accounts
MITREへのリンク →
Score: 10.56
Matched TTPs:
- T1574.001 - DLL
- T1190 - Exploit Public-Facing Application
- T1588.001 - Malware
- T1588.002 - Tool
- T1027 - Obfuscated Files or Information
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 6.77
Matched TTPs:
- T1608.004 - Drive-by Target
- T1608.001 - Upload Malware
- T1189 - Drive-by Compromise
MITREへのリンク →
Score: 4.04
Matched TTPs:
- T1007 - System Service Discovery
- T1057 - Process Discovery
MITREへのリンク →
Score: 12.78
Matched TTPs:
- T1040 - Network Sniffing
- T1219 - Remote Access Tools
- T1588.002 - Tool
- T1200 - Hardware Additions
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 25.62
Matched TTPs:
- T1140 - Deobfuscate/Decode Files or Information
- T1190 - Exploit Public-Facing Application
- T1562.004 - Disable or Modify System Firewall
- T1102 - Web Service
- T1057 - Process Discovery
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1027.004 - Compile After Delivery
- T1518.001 - Security Software Discovery
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
- T1102.001 - Dead Drop Resolver
MITREへのリンク →
Score: 13.02
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1219 - Remote Access Tools
- T1199 - Trusted Relationship
- T1566 - Phishing
- T1195.002 - Compromise Software Supply Chain
MITREへのリンク →
Score: 8.19
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1595.002 - Vulnerability Scanning
- T1595.003 - Wordlist Scanning
MITREへのリンク →
Score: 9.60
Matched TTPs:
- T1219 - Remote Access Tools
- T1562.004 - Disable or Modify System Firewall
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
MITREへのリンク →
Score: 8.97
Matched TTPs:
- T1659 - Content Injection
- T1090 - Proxy
- T1068 - Exploitation for Privilege Escalation
MITREへのリンク →
Score: 6.56
Matched TTPs:
- T1090.002 - External Proxy
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 11.76
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1083 - File and Directory Discovery
- T1588.002 - Tool
- T1189 - Drive-by Compromise
- T1018 - Remote System Discovery
- T1046 - Network Service Discovery
MITREへのリンク →
Score: 8.15
Matched TTPs:
- T1090 - Proxy
- T1083 - File and Directory Discovery
- T1189 - Drive-by Compromise
- T1518 - Software Discovery
MITREへのリンク →
Score: 11.77
Matched TTPs:
- T1090 - Proxy
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1102.002 - Bidirectional Communication
MITREへのリンク →
Score: 3.31
Matched TTPs:
- T1588.001 - Malware
- T1588.002 - Tool
MITREへのリンク →
Score: 8.67
Matched TTPs:
- T1542.002 - Component Firmware
- T1480.001 - Environmental Keying
MITREへのリンク →
Score: 3.29
Matched TTPs:
- T1568 - Dynamic Resolution
MITREへのリンク →
Score: 5.81
Matched TTPs:
- T1657 - Financial Theft
- T1566 - Phishing
MITREへのリンク →
Score: 4.86
Matched TTPs:
- T1657 - Financial Theft
- T1486 - Data Encrypted for Impact
MITREへのリンク →
Score: 6.14
Matched TTPs:
- T1657 - Financial Theft
- T1071.002 - File Transfer Protocols
MITREへのリンク →
Score: 5.45
Matched TTPs:
- T1583.006 - Web Services
- T1585 - Establish Accounts
MITREへのリンク →
Score: 4.51
Matched TTPs:
- T1588.002 - Tool
- T1078 - Valid Accounts
- T1570 - Lateral Tool Transfer
MITREへのリンク →
Score: 3.19
Matched TTPs:
- T1078 - Valid Accounts
- T1046 - Network Service Discovery
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.70
Matched TTPs:
- T1584.008 - Network Devices
- T1518 - Software Discovery
- T1654 - Log Enumeration
- T1570 - Lateral Tool Transfer
- T1591 - Gather Victim Org Information
- T1218 - System Binary Proxy Execution
- T1057 - Process Discovery
- T1010 - Application Window Discovery
- T1190 - Exploit Public-Facing Application
- T1124 - System Time Discovery
- T1497.001 - System Checks
- T1140 - Deobfuscate/Decode Files or Information
- T1589.002 - Email Addresses
- T1588.002 - Tool
- T1614 - System Location Discovery
- T1593 - Search Open Websites/Domains
- T1584.004 - Server
- T1047 - Windows Management Instrumentation
- T1090.001 - Internal Proxy
- T1587.004 - Exploits
- T1560.001 - Archive via Utility
- T1007 - System Service Discovery
- T1090.003 - Multi-hop Proxy
- T1012 - Query Registry
- T1068 - Exploitation for Privilege Escalation
- T1584.005 - Botnet
- T1069 - Permission Groups Discovery
- T1078 - Valid Accounts
- T1083 - File and Directory Discovery
- T1112 - Modify Registry
- T1584.003 - Virtual Private Server
- T1090 - Proxy
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1589 - Gather Victim Identity Information
- T1591.004 - Identify Roles
- T1018 - Remote System Discovery
- T1596.005 - Scan Databases
MITREへのリンク →
Score: 0.69
Matched TTPs:
- T1027.016 - Junk Code Insertion
- T1111 - Multi-Factor Authentication Interception
- T1204.002 - Malicious File
- T1218.010 - Regsvr32
- T1027.012 - LNK Icon Smuggling
- T1591 - Gather Victim Org Information
- T1057 - Process Discovery
- T1583.006 - Web Services
- T1218.005 - Mshta
- T1566.001 - Spearphishing Attachment
- T1190 - Exploit Public-Facing Application
- T1566 - Phishing
- T1608.001 - Upload Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1589.002 - Email Addresses
- T1588.002 - Tool
- T1593 - Search Open Websites/Domains
- T1027 - Obfuscated Files or Information
- T1534 - Internal Spearphishing
- T1585 - Establish Accounts
- T1598.003 - Spearphishing Link
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1007 - System Service Discovery
- T1012 - Query Registry
- T1102.002 - Bidirectional Communication
- T1518.001 - Security Software Discovery
- T1102.001 - Dead Drop Resolver
- T1588.005 - Exploits
- T1657 - Financial Theft
- T1071.002 - File Transfer Protocols
- T1040 - Network Sniffing
- T1583 - Acquire Infrastructure
- T1562.001 - Disable or Modify Tools
- T1083 - File and Directory Discovery
- T1112 - Modify Registry
- T1557 - Adversary-in-the-Middle
- T1562.004 - Disable or Modify System Firewall
- T1656 - Impersonation
- T1550.002 - Pass the Hash
MITREへのリンク →
Score: 0.64
Matched TTPs:
- T1204.002 - Malicious File
- T1036 - Masquerading
- T1486 - Data Encrypted for Impact
- T1570 - Lateral Tool Transfer
- T1591.002 - Business Relationships
- T1566.001 - Spearphishing Attachment
- T1190 - Exploit Public-Facing Application
- T1608.001 - Upload Malware
- T1199 - Trusted Relationship
- T1140 - Deobfuscate/Decode Files or Information
- T1490 - Inhibit System Recovery
- T1589.002 - Email Addresses
- T1588.002 - Tool
- T1499 - Endpoint Denial of Service
- T1195 - Supply Chain Compromise
- T1593 - Search Open Websites/Domains
- T1027 - Obfuscated Files or Information
- T1584.004 - Server
- T1047 - Windows Management Instrumentation
- T1491.002 - External Defacement
- T1598.003 - Spearphishing Link
- T1587.001 - Malware
- T1102.002 - Bidirectional Communication
- T1590.001 - Domain Properties
- T1040 - Network Sniffing
- T1584.005 - Botnet
- T1583 - Acquire Infrastructure
- T1078 - Valid Accounts
- T1195.002 - Compromise Software Supply Chain
- T1083 - File and Directory Discovery
- T1090 - Proxy
- T1595.002 - Vulnerability Scanning
- T1203 - Exploitation for Client Execution
- T1219 - Remote Access Tools
- T1592.002 - Software
- T1003.003 - NTDS
- T1018 - Remote System Discovery
MITREへのリンク →
Score: 0.59
Matched TTPs:
- T1027.016 - Junk Code Insertion
- T1204.002 - Malicious File
- T1518 - Software Discovery
- T1654 - Log Enumeration
- T1027.012 - LNK Icon Smuggling
- T1057 - Process Discovery
- T1583.006 - Web Services
- T1218.005 - Mshta
- T1678 - Delay Execution
- T1622 - Debugger Evasion
- T1608 - Stage Capabilities
- T1566.001 - Spearphishing Attachment
- T1608.001 - Upload Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1574.001 - DLL
- T1588.002 - Tool
- T1102 - Web Service
- T1593 - Search Open Websites/Domains
- T1027 - Obfuscated Files or Information
- T1047 - Windows Management Instrumentation
- T1598.003 - Spearphishing Link
- T1560.001 - Archive via Utility
- T1587.001 - Malware
- T1219.001 - IDE Tunneling
- T1070 - Indicator Removal
- T1027.007 - Dynamic API Resolution
- T1083 - File and Directory Discovery
- T1557 - Adversary-in-the-Middle
- T1203 - Exploitation for Client Execution
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1018 - Remote System Discovery
- T1176.002 - IDE Extensions
MITREへのリンク →
Score: 0.57
Matched TTPs:
- T1027.016 - Junk Code Insertion
- T1039 - Data from Network Shared Drive
- T1583.003 - Virtual Private Server
- T1204.002 - Malicious File
- T1027.012 - LNK Icon Smuggling
- T1057 - Process Discovery
- T1583.006 - Web Services
- T1218.005 - Mshta
- T1559.001 - Component Object Model
- T1566.001 - Spearphishing Attachment
- T1497.001 - System Checks
- T1608.001 - Upload Malware
- T1140 - Deobfuscate/Decode Files or Information
- T1480 - Execution Guardrails
- T1588.002 - Tool
- T1102 - Web Service
- T1491.001 - Internal Defacement
- T1027 - Obfuscated Files or Information
- T1534 - Internal Spearphishing
- T1047 - Windows Management Instrumentation
- T1090.003 - Multi-hop Proxy
- T1518.001 - Security Software Discovery
- T1012 - Query Registry
- T1102.002 - Bidirectional Communication
- T1562.001 - Disable or Modify Tools
- T1001 - Data Obfuscation
- T1083 - File and Directory Discovery
- T1027.004 - Compile After Delivery
- T1112 - Modify Registry
- T1090 - Proxy
- T1568 - Dynamic Resolution
- T1102.003 - One-Way Communication
MITREへのリンク →
Score: 0.56
Matched TTPs:
- T1568.002 - Domain Generation Algorithms
- T1486 - Data Encrypted for Impact
- T1570 - Lateral Tool Transfer
- T1480.001 - Environmental Keying
- T1595.003 - Wordlist Scanning
- T1566.001 - Spearphishing Attachment
- T1190 - Exploit Public-Facing Application
- T1213.003 - Code Repositories
- T1574.001 - DLL
- T1588.002 - Tool
- T1546.008 - Accessibility Features
- T1027 - Obfuscated Files or Information
- T1047 - Windows Management Instrumentation
- T1560.001 - Archive via Utility
- T1012 - Query Registry
- T1102.001 - Dead Drop Resolver
- T1071.002 - File Transfer Protocols
- T1069 - Permission Groups Discovery
- T1078 - Valid Accounts
- T1003.002 - Security Account Manager
- T1569.002 - Service Execution
- T1195.002 - Compromise Software Supply Chain
- T1083 - File and Directory Discovery
- T1112 - Modify Registry
- T1090 - Proxy
- T1595.002 - Vulnerability Scanning
- T1203 - Exploitation for Client Execution
- T1656 - Impersonation
- T1046 - Network Service Discovery
- T1003.003 - NTDS
- T1018 - Remote System Discovery
- T1596.005 - Scan Databases
- T1550.002 - Pass the Hash
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design