Trusted Design

BeatBanker: both banker and miner for Android

Summary

BeatBanker is a sophisticated Android malware campaign targeting Brazil. It spreads through phishing attacks using a fake Google Play Store website. The malware combines a cryptocurrency miner and a banking Trojan capable of hijacking devices and overlaying screens. It employs creative persistence mechanisms, including playing an inaudible audio loop. BeatBanker monitors device status, disguises itself as legitimate apps, and targets cryptocurrency transactions on Binance and Trust Wallet. Recent variants have replaced the banking module with the BTMOB remote administration tool, expanding its capabilities. The threat demonstrates advanced evasion techniques, uses Firebase Cloud Messaging for command and control, and targets multiple browsers for data collection. Victims are primarily located in Brazil, with some samples spreading via WhatsApp.

Created: 2026-03-10

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

Mustang Panda

Score: 14.27
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Kimsuky

Score: 30.89
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1657 - Financial Theft
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1111 - Multi-Factor Authentication Interception
  • T1550.002 - Pass the Hash
  • T1204.001 - Malicious Link

Sea Turtle

Score: 19.32
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583.002 - DNS Server
  • T1213.006 - Databases
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery

Inception

Score: 6.73
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution

Dark Caracal

Score: 5.42
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1566.003 - Spearphishing via Service

Elderwood

Score: 4.45
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Darkhotel

Score: 9.30
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1080 - Taint Shared Content
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution

Transparent Tribe

Score: 7.48
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT28

Score: 17.28
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1550.002 - Pass the Hash
  • T1204.001 - Malicious Link

APT18

Score: 4.32
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts

Leviathan

Score: 22.38
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1586.001 - Social Media Accounts
  • T1190 - Exploit Public-Facing Application
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Sidewinder

Score: 12.02
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT39

Score: 7.15
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1204.001 - Malicious Link

Lazarus Group

Score: 16.28
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Saint Bear

Score: 6.24
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT33

Score: 5.87
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

BITTER

Score: 6.71
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution

TA505

Score: 7.09
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link

Higaisa

Score: 4.56
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1203 - Exploitation for Client Execution

APT19

Score: 3.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery

Fox Kitten

Score: 11.41
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts

Threat Group-3390

Score: 13.08
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

TA2541

Score: 7.09
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link

Malteiro

Score: 4.12
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1657 - Financial Theft

Magic Hound

Score: 28.05
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1573 - Encrypted Channel
  • T1589.001 - Credentials
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Storm-1811

Score: 6.46
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 9.25
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1134 - Access Token Manipulation

Tropic Trooper

Score: 9.48
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution

Contagious Interview

Score: 17.97
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1090 - Proxy
  • T1204.005 - Malicious Library
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

menuPass

Score: 9.85
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts

Moses Staff

Score: 6.87
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery

TeamTNT

Score: 12.63
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks

Putter Panda

Score: 3.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools

OilRig

Score: 20.88
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1556.002 - Password Filter DLL
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

APT32

Score: 17.80
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1550.002 - Pass the Hash
  • T1204.001 - Malicious Link

Moonstone Sleet

Score: 10.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Mustard Tempest

Score: 8.93
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.004 - Drive-by Target
  • T1204.001 - Malicious Link

Daggerfly

Score: 3.95
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1204.001 - Malicious Link

GALLIUM

Score: 9.70
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1078 - Valid Accounts
  • T1550.002 - Pass the Hash

APT29

Score: 23.96
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1218.005 - Mshta
  • T1021.007 - Cloud Services
  • T1078 - Valid Accounts
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

FIN13

Score: 16.23
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1134.003 - Make and Impersonate Token
  • T1550.002 - Pass the Hash

Dragonfly

Score: 17.58
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

Ke3chang

Score: 12.10
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts

Agrius

Score: 5.86
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools

APT41

Score: 32.57
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1550.002 - Pass the Hash
  • T1596.005 - Scan Databases

APT5

Score: 9.21
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery

Wizard Spider

Score: 15.93
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1550.002 - Pass the Hash
  • T1204.001 - Malicious Link

Ember Bear

Score: 14.23
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
  • T1550.002 - Pass the Hash

Axiom

Score: 11.52
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution

HEXANE

Score: 8.94
Matched TTPs:
  • T1583.002 - DNS Server
  • T1016 - System Network Configuration Discovery
  • T1534 - Internal Spearphishing

RedCurl

Score: 6.10
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1083 - File and Directory Discovery
  • T1204.001 - Malicious Link

Gamaredon Group

Score: 19.82
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link

BRONZE BUTLER

Score: 8.03
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution

Cinnamon Tempest

Score: 11.20
Matched TTPs:
  • T1080 - Taint Shared Content
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1657 - Financial Theft
  • T1078 - Valid Accounts

Scattered Spider

Score: 35.74
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1598.004 - Spearphishing Voice
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1021.007 - Cloud Services
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories

Storm-0501

Score: 14.31
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1021.007 - Cloud Services
  • T1486 - Data Encrypted for Impact

Sandworm Team

Score: 26.48
Matched TTPs:
  • T1213.006 - Databases
  • T1586.001 - Social Media Accounts
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1204.001 - Malicious Link

FIN6

Score: 13.21
Matched TTPs:
  • T1213.006 - Databases
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1134 - Access Token Manipulation
  • T1566.003 - Spearphishing via Service

Turla

Score: 15.51
Matched TTPs:
  • T1213.006 - Databases
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Silent Librarian

Score: 7.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 5.29
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1204.001 - Malicious Link

Star Blizzard

Score: 3.88
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1078 - Valid Accounts

CURIUM

Score: 11.64
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 6.61
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

HAFNIUM

Score: 8.08
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery

LuminousMoth

Score: 9.54
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1204.001 - Malicious Link

FIN7

Score: 22.69
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1674 - Input Injection
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link

Strider

Score: 4.13
Matched TTPs:
  • T1556.002 - Password Filter DLL

UNC3886

Score: 17.80
Matched TTPs:
  • T1070.007 - Clear Network Connection History and Configurations
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1203 - Exploitation for Client Execution

Volt Typhoon

Score: 20.11
Matched TTPs:
  • T1070.007 - Clear Network Connection History and Configurations
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1596.005 - Scan Databases

Rocke

Score: 9.23
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery

BlackTech

Score: 4.32
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Medusa Group

Score: 14.67
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

BlackByte

Score: 14.98
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

ToddyCat

Score: 7.63
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1566.003 - Spearphishing via Service

Winter Vivern

Score: 7.75
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Earth Lusca

Score: 12.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1090 - Proxy
  • T1218.005 - Mshta
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 9.56
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Play

Score: 9.98
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts

MuddyWater

Score: 18.98
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1204.001 - Malicious Link

Salt Typhoon

Score: 8.35
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
  • T1562.004 - Disable or Modify System Firewall

Akira

Score: 12.62
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1657 - Financial Theft
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

APT42

Score: 9.22
Matched TTPs:
  • T1070.008 - Clear Mailbox Data
  • T1016 - System Network Configuration Discovery
  • T1111 - Multi-Factor Authentication Interception

Cobalt Group

Score: 6.99
Matched TTPs:
  • T1218.003 - CMSTP
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Carbanak

Score: 3.77
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1078 - Valid Accounts

APT38

Score: 16.02
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1565.002 - Transmitted Data Manipulation
  • T1204.001 - Malicious Link

Velvet Ant

Score: 5.44
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools

LAPSUS$

Score: 18.80
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1213.003 - Code Repositories
  • T1111 - Multi-Factor Authentication Interception

admin@338

Score: 4.26
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution

Lotus Blossom

Score: 6.61
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1134 - Access Token Manipulation

APT3

Score: 8.91
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

SideCopy

Score: 3.81
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta

APT1

Score: 4.22
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1550.002 - Pass the Hash

Chimera

Score: 23.08
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1110.004 - Credential Stuffing
  • T1589.001 - Credentials
  • T1556.001 - Domain Controller Authentication
  • T1111 - Multi-Factor Authentication Interception
  • T1550.002 - Pass the Hash

Deep Panda

Score: 3.29
Matched TTPs:
  • T1546.008 - Accessibility Features

Windigo

Score: 3.64
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery

POLONIUM

Score: 3.77
Matched TTPs:
  • T1090 - Proxy
  • T1078 - Valid Accounts

Confucius

Score: 6.49
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

LazyScripter

Score: 3.70
Matched TTPs:
  • T1218.005 - Mshta
  • T1204.001 - Malicious Link

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact

Indrik Spider

Score: 5.56
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Aquatic Panda

Score: 4.54
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1550.002 - Pass the Hash

FIN8

Score: 5.13
Matched TTPs:
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1204.001 - Malicious Link

EXOTIC LILY

Score: 5.38
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Windshift

Score: 3.88
Matched TTPs:
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Threat actors related to this Pulse (inference-based)

Scattered Spider

Score: 0.70
Matched TTPs:
  • T1213.003 - Code Repositories
  • T1078 - Valid Accounts
  • T1657 - Financial Theft
  • T1016 - System Network Configuration Discovery
  • T1484.002 - Trust Modification
  • T1486 - Data Encrypted for Impact
  • T1083 - File and Directory Discovery
  • T1598.004 - Spearphishing Voice
  • T1562.001 - Disable or Modify Tools
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1090 - Proxy
  • T1021.007 - Cloud Services

APT41

Score: 0.64
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1213.003 - Code Repositories
  • T1016 - System Network Configuration Discovery
  • T1486 - Data Encrypted for Impact
  • T1083 - File and Directory Discovery
  • T1550.002 - Pass the Hash
  • T1190 - Exploit Public-Facing Application
  • T1596.005 - Scan Databases
  • T1595.003 - Wordlist Scanning
  • T1090 - Proxy
  • T1203 - Exploitation for Client Execution

Kimsuky

Score: 0.61
Matched TTPs:
  • T1218.005 - Mshta
  • T1657 - Financial Theft
  • T1016 - System Network Configuration Discovery
  • T1204.001 - Malicious Link
  • T1083 - File and Directory Discovery
  • T1557 - Adversary-in-the-Middle
  • T1550.002 - Pass the Hash
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1562.004 - Disable or Modify System Firewall
  • T1598.003 - Spearphishing Link
  • T1111 - Multi-Factor Authentication Interception
  • T1534 - Internal Spearphishing

Related CVEs

No CVEs were found for this Pulse.
