AI-Assisted Lure Factory Targets Developers & Gamers
Summary
A large-scale malware campaign tracked as TroyDen's Lure Factory has been identified distributing LuaJIT-based infostealers through over 300 delivery packages hosted on GitHub. The operation uses AI-generated lure names incorporating obscure biological taxonomy and medical terminology to target developers, gamers, Roblox players, and crypto users. The malware employs a two-component design with a renamed LuaJIT runtime and encrypted Lua payload that evades sandbox detection through anti-analysis checks and extreme sleep delays. Upon execution, it disables proxy detection, captures desktop screenshots, performs geolocation, and exfiltrates data to C2 servers in Frankfurt. The infrastructure demonstrates scalability with multiple IP addresses serving identical encrypted commands, while maintaining simultaneous campaigns across gaming cheats, developer tools, phone trackers, and VPN crackers.
Created: 2026-05-11
Indicators
Similar Pulses
No similar Pulses were found.
Threat actors related to this Pulse (fact-based)
Score: 15.44
Matched TTPs:
- T1560.001 - Archive via Utility
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1099 - Timestomp
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1608.005 - Link Target
- T1056 - Input Capture
Score: 16.37
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1527 - Application Access Token
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1547.011 - Plist Modification
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 18.11
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1083 - File and Directory Discovery
- T1597 - Search Closed Sources
- T1056 - Input Capture
- T1601.001 - Patch System Image
Score: 4.87
Matched TTPs:
- T1560.001 - Archive via Utility
- T1598.003 - Spearphishing Link
- T1562.001 - Disable or Modify Tools
Score: 8.51
Matched TTPs:
- T1560.001 - Archive via Utility
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1601.001 - Patch System Image
Score: 40.05
Matched TTPs:
- T1560.001 - Archive via Utility
- T1099 - Timestomp
- T1560.003 - Archive via Custom Method
- T1686.003 - Windows Host Firewall
- T1003.007 - Proc Filesystem
- T1556.002 - Password Filter DLL
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1083 - File and Directory Discovery
- T1055.004 - Asynchronous Procedure Call
- T1102 - Web Service
- T1584.002 - DNS Server
- T1665 - Hide Infrastructure
Score: 15.28
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.003 - Digital Certificates
- T1598.003 - Spearphishing Link
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 33.48
Matched TTPs:
- T1560.001 - Archive via Utility
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1102 - Web Service
- T1608.005 - Link Target
- T1169 - Sudo
- T1136.003 - Cloud Account
- T1056 - Input Capture
- T1055.005 - Thread Local Storage
Score: 6.72
Matched TTPs:
- T1560.001 - Archive via Utility
- T1590.006 - Network Security Appliances
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
Score: 17.32
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.003 - Digital Certificates
- T1003.007 - Proc Filesystem
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1056 - Input Capture
- T1601.001 - Patch System Image
- T1665 - Hide Infrastructure
Score: 8.16
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.003 - Digital Certificates
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
Score: 13.17
Matched TTPs:
- T1560.001 - Archive via Utility
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1027.004 - Compile After Delivery
Score: 15.00
Matched TTPs:
- T1560.001 - Archive via Utility
- T1587.003 - Digital Certificates
- T1598.003 - Spearphishing Link
- T1016.002 - Wi-Fi Discovery
- T1090 - Proxy
- T1027.004 - Compile After Delivery
Score: 14.97
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1180 - Screensaver
- T1555.003 - Credentials from Web Browsers
- T1055.004 - Asynchronous Procedure Call
- T1102 - Web Service
Score: 7.75
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1555.003 - Credentials from Web Browsers
- T1597 - Search Closed Sources
Score: 11.90
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 25.73
Matched TTPs:
- T1560.001 - Archive via Utility
- T1560.003 - Archive via Custom Method
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1562.004 - Disable or Modify System Firewall
- T1590.006 - Network Security Appliances
- T1177 - LSASS Driver
- T1055.004 - Asynchronous Procedure Call
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1030 - Data Transfer Size Limits
Score: 22.54
Matched TTPs:
- T1560.001 - Archive via Utility
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1518.002 - Backup Software Discovery
- T1547.011 - Plist Modification
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
- T1601.001 - Patch System Image
Score: 23.96
Matched TTPs:
- T1560.001 - Archive via Utility
- T1222.002 - Linux and Mac Permissions
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1131 - Authentication Package
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1608.005 - Link Target
- T1197 - BITS Jobs
Score: 33.11
Matched TTPs:
- T1560.001 - Archive via Utility
- T1113 - Screen Capture
- T1546.013 - PowerShell Profile
- T1099 - Timestomp
- T1003.007 - Proc Filesystem
- T1131 - Authentication Package
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1218.001 - Compiled HTML File
- T1056 - Input Capture
- T1027.004 - Compile After Delivery
- T1601.001 - Patch System Image
Score: 12.97
Matched TTPs:
- T1560.001 - Archive via Utility
- T1598.003 - Spearphishing Link
- T1003.007 - Proc Filesystem
- T1592.004 - Client Configurations
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
Score: 12.20
Matched TTPs:
- T1560.001 - Archive via Utility
- T1556.002 - Password Filter DLL
- T1009 - Binary Padding
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
Score: 53.53
Matched TTPs:
- T1560.001 - Archive via Utility
- T1546.013 - PowerShell Profile
- T1213.006 - Databases
- T1598.003 - Spearphishing Link
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1131 - Authentication Package
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1546.008 - Accessibility Features
- T1609 - Container Administration Command
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1027.014 - Polymorphic Code
- T1056 - Input Capture
- T1030 - Data Transfer Size Limits
- T1027.004 - Compile After Delivery
- T1197 - BITS Jobs
- T1601.001 - Patch System Image
- T1665 - Hide Infrastructure
Score: 14.11
Matched TTPs:
- T1560.001 - Archive via Utility
- T1560.003 - Archive via Custom Method
- T1547.011 - Plist Modification
- T1590.006 - Network Security Appliances
- T1177 - LSASS Driver
- T1055.004 - Asynchronous Procedure Call
Score: 9.42
Matched TTPs:
- T1560.001 - Archive via Utility
- T1099 - Timestomp
- T1598.003 - Spearphishing Link
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
Score: 17.74
Matched TTPs:
- T1560.001 - Archive via Utility
- T1584.008 - Network Devices
- T1003.007 - Proc Filesystem
- T1590.006 - Network Security Appliances
- T1198 - SIP and Trust Provider Hijacking
- T1090 - Proxy
- T1055.004 - Asynchronous Procedure Call
Score: 7.54
Matched TTPs:
- T1560.001 - Archive via Utility
- T1099 - Timestomp
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 22.25
Matched TTPs:
- T1560.001 - Archive via Utility
- T1099 - Timestomp
- T1560.003 - Archive via Custom Method
- T1584.008 - Network Devices
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1134.001 - Token Impersonation/Theft
Score: 23.39
Matched TTPs:
- T1560.001 - Archive via Utility
- T1546.013 - PowerShell Profile
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1562.004 - Disable or Modify System Firewall
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1218.001 - Compiled HTML File
- T1056 - Input Capture
- T1027.004 - Compile After Delivery
Score: 42.14
Matched TTPs:
- T1560.001 - Archive via Utility
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1099 - Timestomp
- T1587.003 - Digital Certificates
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1547.005 - Security Support Provider
- T1009 - Binary Padding
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
Score: 13.81
Matched TTPs:
- T1560.001 - Archive via Utility
- T1003.007 - Proc Filesystem
- T1562.004 - Disable or Modify System Firewall
- T1102 - Web Service
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
Score: 11.09
Matched TTPs:
- T1560.001 - Archive via Utility
- T1083 - File and Directory Discovery
- T1055.004 - Asynchronous Procedure Call
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
Score: 12.28
Matched TTPs:
- T1560.001 - Archive via Utility
- T1137.005 - Outlook Rules
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1056 - Input Capture
Score: 10.51
Matched TTPs:
- T1560.001 - Archive via Utility
- T1009 - Binary Padding
- T1055.004 - Asynchronous Procedure Call
- T1056 - Input Capture
- T1665 - Hide Infrastructure
Score: 32.55
Matched TTPs:
- T1113 - Screen Capture
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1131 - Authentication Package
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1592.004 - Client Configurations
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1562.001 - Disable or Modify Tools
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
Score: 41.85
Matched TTPs:
- T1222.002 - Linux and Mac Permissions
- T1099 - Timestomp
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1202 - Indirect Command Execution
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1177 - LSASS Driver
- T1592.004 - Client Configurations
- T1568 - Dynamic Resolution
- T1608.005 - Link Target
- T1556.008 - Network Provider DLL
- T1027.004 - Compile After Delivery
Score: 41.00
Matched TTPs:
- T1666 - Modify Cloud Resource Hierarchy
- T1560.003 - Archive via Custom Method
- T1685.004 - Disable or Modify Linux Audit System Log
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1590.006 - Network Security Appliances
- T1609 - Container Administration Command
- T1083 - File and Directory Discovery
- T1556.008 - Network Provider DLL
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1056 - Input Capture
- T1030 - Data Transfer Size Limits
- T1197 - BITS Jobs
Score: 5.01
Matched TTPs:
- T1666 - Modify Cloud Resource Hierarchy
- T1598.003 - Spearphishing Link
Score: 6.45
Matched TTPs:
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1598.003 - Spearphishing Link
- T1055.004 - Asynchronous Procedure Call
Score: 9.69
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1030 - Data Transfer Size Limits
Score: 6.51
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
Score: 9.47
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1590.006 - Network Security Appliances
- T1090 - Proxy
- T1601.001 - Patch System Image
Score: 17.15
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1587.003 - Digital Certificates
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1562.004 - Disable or Modify System Firewall
- T1090 - Proxy
- T1218.001 - Compiled HTML File
Score: 9.86
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1547.011 - Plist Modification
- T1562.001 - Disable or Modify Tools
- T1601.001 - Patch System Image
Score: 27.45
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1131 - Authentication Package
- T1183 - Image File Execution Options Injection
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1056 - Input Capture
- T1030 - Data Transfer Size Limits
- T1027.004 - Compile After Delivery
- T1601.001 - Patch System Image
Score: 8.24
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1608.005 - Link Target
- T1601.001 - Patch System Image
Score: 21.12
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1560.003 - Archive via Custom Method
- T1527 - Application Access Token
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
Score: 20.26
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1608.005 - Link Target
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1056 - Input Capture
- T1601.001 - Patch System Image
Score: 19.06
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1518.002 - Backup Software Discovery
- T1598.004 - Spearphishing Voice
- T1027.014 - Polymorphic Code
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
Score: 7.15
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1590.006 - Network Security Appliances
- T1665 - Hide Infrastructure
Score: 12.93
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1003.007 - Proc Filesystem
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1056 - Input Capture
Score: 8.37
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1101 - Security Support Provider
- T1601.001 - Patch System Image
Score: 3.99
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1608.005 - Link Target
Score: 13.02
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1609 - Container Administration Command
Score: 16.56
Matched TTPs:
- T1099 - Timestomp
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1056 - Input Capture
- T1601.001 - Patch System Image
Score: 24.47
Matched TTPs:
- T1099 - Timestomp
- T1527 - Application Access Token
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1090 - Proxy
- T1608.005 - Link Target
- T1554 - Compromise Host Software Binary
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1601.001 - Patch System Image
Score: 8.95
Matched TTPs:
- T1099 - Timestomp
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1608.005 - Link Target
- T1597 - Search Closed Sources
Score: 4.54
Matched TTPs:
- T1682 - Query Public AI Services
Score: 9.37
Matched TTPs:
- T1584.008 - Network Devices
- T1530 - Data from Cloud Storage
- T1573 - Encrypted Channel
Score: 18.42
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1573 - Encrypted Channel
- T1027.004 - Compile After Delivery
Score: 19.03
Matched TTPs:
- T1584.008 - Network Devices
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1218.003 - CMSTP
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1573 - Encrypted Channel
- T1056 - Input Capture
Score: 16.60
Matched TTPs:
- T1584.008 - Network Devices
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1102 - Web Service
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1056 - Input Capture
Score: 15.08
Matched TTPs:
- T1685.004 - Disable or Modify Linux Audit System Log
- T1686.003 - Windows Host Firewall
- T1027 - Obfuscated Files or Information
- T1027.014 - Polymorphic Code
- T1056 - Input Capture
Score: 40.28
Matched TTPs:
- T1484.002 - Trust Modification
- T1686.003 - Windows Host Firewall
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1546.008 - Accessibility Features
- T1055.004 - Asynchronous Procedure Call
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1075 - Pass the Hash
- T1601.001 - Patch System Image
Score: 22.06
Matched TTPs:
- T1484.002 - Trust Modification
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1554 - Compromise Host Software Binary
- T1027.014 - Polymorphic Code
- T1056 - Input Capture
Score: 12.72
Matched TTPs:
- T1180 - Screensaver
- T1009 - Binary Padding
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1027.004 - Compile After Delivery
Score: 29.14
Matched TTPs:
- T1180 - Screensaver
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1055.004 - Asynchronous Procedure Call
- T1590 - Gather Victim Network Information
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1493 - Transmitted Data Manipulation
Score: 30.68
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1183 - Image File Execution Options Injection
- T1547.011 - Plist Modification
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1608.005 - Link Target
- T1069.001 - Local Groups
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1055.005 - Thread Local Storage
- T1665 - Hide Infrastructure
Score: 16.10
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1090 - Proxy
- T1055.004 - Asynchronous Procedure Call
- T1136.003 - Cloud Account
- T1665 - Hide Infrastructure
Score: 6.60
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1003.007 - Proc Filesystem
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 6.02
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1562.001 - Disable or Modify Tools
- T1027.014 - Polymorphic Code
Score: 3.62
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.014 - Polymorphic Code
Score: 4.68
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
Score: 9.42
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1530 - Data from Cloud Storage
- T1601.001 - Patch System Image
- T1665 - Hide Infrastructure
Score: 5.48
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
Score: 7.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.005 - Link Target
- T1056 - Input Capture
- T1665 - Hide Infrastructure
Score: 6.95
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1590.006 - Network Security Appliances
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
Score: 6.48
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1590.006 - Network Security Appliances
- T1584.002 - DNS Server
Score: 16.07
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1566.001 - Spearphishing Attachment
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
Score: 14.86
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1197 - BITS Jobs
Score: 3.22
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.004 - Compile After Delivery
Score: 7.73
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1027.004 - Compile After Delivery
Score: 3.22
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.004 - Compile After Delivery
Score: 10.07
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1218.001 - Compiled HTML File
Score: 4.40
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1098.007 - Additional Local or Domain Groups
- T1608.005 - Link Target
Score: 5.41
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1686 - Disable or Modify System Firewall
Score: 3.27
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1562.001 - Disable or Modify Tools
Score: 16.81
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1562.004 - Disable or Modify System Firewall
- T1590.006 - Network Security Appliances
- T1055.004 - Asynchronous Procedure Call
- T1597 - Search Closed Sources
- T1665 - Hide Infrastructure
Score: 4.26
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1055.004 - Asynchronous Procedure Call
Score: 3.84
Matched TTPs:
- T1530 - Data from Cloud Storage
Score: 11.43
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1030 - Data Transfer Size Limits
Score: 8.31
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1030 - Data Transfer Size Limits
Score: 12.79
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1590.006 - Network Security Appliances
- T1608.005 - Link Target
- T1056 - Input Capture
- T1027.004 - Compile After Delivery
- T1197 - BITS Jobs
Score: 3.92
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1562.001 - Disable or Modify Tools
Score: 11.09
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1546.008 - Accessibility Features
- T1609 - Container Administration Command
Score: 22.02
Matched TTPs:
- T1218.003 - CMSTP
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1590.006 - Network Security Appliances
- T1608.005 - Link Target
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1056 - Input Capture
- T1601.001 - Patch System Image
Score: 13.25
Matched TTPs:
- T1547.005 - Security Support Provider
- T1609 - Container Administration Command
- T1556.008 - Network Provider DLL
- T1030 - Data Transfer Size Limits
Score: 5.58
Matched TTPs:
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
Score: 8.27
Matched TTPs:
- T1009 - Binary Padding
- T1055.004 - Asynchronous Procedure Call
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
Score: 13.85
Matched TTPs:
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1134.001 - Token Impersonation/Theft
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
Score: 3.29
Matched TTPs:
- T1131 - Authentication Package
Score: 4.36
Matched TTPs:
- T1562.004 - Disable or Modify System Firewall
- T1555.003 - Credentials from Web Browsers
Score: 3.50
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1055.004 - Asynchronous Procedure Call
Score: 7.80
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1027.014 - Polymorphic Code
Score: 4.02
Matched TTPs:
- T1608.005 - Link Target
- T1056 - Input Capture
Score: 6.94
Matched TTPs:
- T1562.001 - Disable or Modify Tools
- T1213.003 - Code Repositories
Score: 4.79
Matched TTPs:
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
Score: 4.35
Matched TTPs:
- T1056 - Input Capture
- T1027.004 - Compile After Delivery
Threat actors related to this Pulse (inference-based)
Score: 0.70
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1027.014 - Polymorphic Code
- T1555.003 - Credentials from Web Browsers
- T1131 - Authentication Package
- T1030 - Data Transfer Size Limits
- T1546.008 - Accessibility Features
- T1197 - BITS Jobs
- T1665 - Hide Infrastructure
- T1213.006 - Databases
- T1098.007 - Additional Local or Domain Groups
- T1609 - Container Administration Command
- T1183 - Image File Execution Options Injection
- T1608.005 - Link Target
- T1003.007 - Proc Filesystem
- T1598.003 - Spearphishing Link
- T1597 - Search Closed Sources
- T1560.001 - Archive via Utility
- T1601.001 - Patch System Image
- T1027.004 - Compile After Delivery
- T1590.006 - Network Security Appliances
- T1009 - Binary Padding
- T1056 - Input Capture
Score: 0.55
Matched TTPs:
- T1597 - Search Closed Sources
- T1562.001 - Disable or Modify Tools
- T1027 - Obfuscated Files or Information
- T1560.001 - Archive via Utility
- T1601.001 - Patch System Image
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1016.002 - Wi-Fi Discovery
- T1099 - Timestomp
- T1608.005 - Link Target
- T1055.004 - Asynchronous Procedure Call
- T1555.003 - Credentials from Web Browsers
- T1590.006 - Network Security Appliances
- T1562.004 - Disable or Modify System Firewall
- T1171 - LLMNR/NBT-NS Poisoning and Relay
- T1009 - Binary Padding
- T1547.005 - Security Support Provider
- T1587.003 - Digital Certificates
Related CVEs
No CVEs were found in this Pulse.