Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw
概要
Threat actors are actively exploiting AI distribution platforms like Hugging Face and ClawHub to deliver malware by embedding malicious code within models, datasets, and agent extensions. Over 575 malicious skills across 13 developer accounts were identified in the OpenClaw ecosystem, targeting Windows and macOS with trojans, cryptominers, and AMOS stealer. Attackers abuse trust relationships between users and AI platforms through indirect prompt injection, where hidden instructions cause AI agents to execute malicious actions on behalf of users. Trojanized skills masquerade as legitimate tools while instructing users to execute encoded commands or install hidden malicious dependencies. On Hugging Face, repositories host payloads within multistep infection chains disguised as legitimate applications. These campaigns employ social engineering, obfuscation, encryption, in-memory execution, process injection, and persistence techniques to evade detection while establishing covert command-and-control communica...
Created: 2026-06-10
Indicators
類似Pulses
類似するPulseは見つかりませんでした。
このPulseに関連する脅威アクター (事実ベース)
Score: 24.64
Matched TTPs:
- T1222.002 - Linux and Mac Permissions
- T1586.003 - Cloud Accounts
- T1098.007 - Additional Local or Domain Groups
- T1131 - Authentication Package
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1574.009 - Path Interception by Unquoted Path
- T1055.008 - Ptrace System Calls
MITREへのリンク →
Score: 31.84
Matched TTPs:
- T1222.002 - Linux and Mac Permissions
- T1099 - Timestomp
- T1584.008 - Network Devices
- T1202 - Indirect Command Execution
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1177 - LSASS Driver
- T1592.004 - Client Configurations
- T1556.008 - Network Provider DLL
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 38.98
Matched TTPs:
- T1666 - Modify Cloud Resource Hierarchy
- T1109 - Component Firmware
- T1560.003 - Archive via Custom Method
- T1685.004 - Disable or Modify Linux Audit System Log
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1609 - Container Administration Command
- T1083 - File and Directory Discovery
- T1087.004 - Cloud Account
- T1556.008 - Network Provider DLL
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1565.002 - Transmitted Data Manipulation
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1666 - Modify Cloud Resource Hierarchy
MITREへのリンク →
Score: 20.15
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1099 - Timestomp
- T1003.007 - Proc Filesystem
- T1131 - Authentication Package
- T1597 - Search Closed Sources
- T1218.001 - Compiled HTML File
- T1027.004 - Compile After Delivery
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 24.24
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1131 - Authentication Package
- T1555.003 - Credentials from Web Browsers
- T1055.013 - Process Doppelgänging
- T1592.004 - Client Configurations
- T1087.004 - Cloud Account
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 6.11
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1055.013 - Process Doppelgänging
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 7.97
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1055.013 - Process Doppelgänging
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 7.12
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1090 - Proxy
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 16.83
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1518.002 - Backup Software Discovery
- T1547.011 - Plist Modification
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 15.82
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1110.003 - Password Spraying
- T1218.001 - Compiled HTML File
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 14.71
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1098.007 - Additional Local or Domain Groups
- T1055.013 - Process Doppelgänging
- T1090 - Proxy
- T1087.004 - Cloud Account
- T1218.001 - Compiled HTML File
MITREへのリンク →
Score: 6.58
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1547.011 - Plist Modification
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 26.52
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1586.003 - Cloud Accounts
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1131 - Authentication Package
- T1183 - Image File Execution Options Injection
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
- T1565.002 - Transmitted Data Manipulation
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 8.10
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1098.007 - Additional Local or Domain Groups
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 20.24
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1560.003 - Archive via Custom Method
- T1527 - Application Access Token
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 18.05
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1055.013 - Process Doppelgänging
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 20.93
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1518.002 - Backup Software Discovery
- T1598.004 - Spearphishing Voice
- T1027.014 - Polymorphic Code
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 3.95
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1087.004 - Cloud Account
MITREへのリンク →
Score: 48.33
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1109 - Component Firmware
- T1213.006 - Databases
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1131 - Authentication Package
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1546.008 - Accessibility Features
- T1609 - Container Administration Command
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
- T1027.014 - Polymorphic Code
- T1027.004 - Compile After Delivery
- T1565.002 - Transmitted Data Manipulation
- T1601.001 - Patch System Image
- T1003.003 - NTDS
MITREへのリンク →
Score: 10.92
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1003.007 - Proc Filesystem
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
MITREへのリンク →
Score: 8.37
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1101 - Security Support Provider
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 27.59
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1055.013 - Process Doppelgänging
- T1087.004 - Cloud Account
- T1169 - Sudo
- T1136.003 - Cloud Account
- T1565.002 - Transmitted Data Manipulation
- T1055.005 - Thread Local Storage
MITREへのリンク →
Score: 7.94
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1109 - Component Firmware
- T1565.002 - Transmitted Data Manipulation
MITREへのリンク →
Score: 15.18
Matched TTPs:
- T1546.013 - PowerShell Profile
- T1109 - Component Firmware
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1609 - Container Administration Command
MITREへのリンク →
Score: 8.45
Matched TTPs:
- T1109 - Component Firmware
- T1087.004 - Cloud Account
- T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →
Score: 29.31
Matched TTPs:
- T1109 - Component Firmware
- T1484.002 - Trust Modification
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1546.008 - Accessibility Features
- T1087.004 - Cloud Account
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 5.78
Matched TTPs:
- T1109 - Component Firmware
- T1099 - Timestomp
MITREへのリンク →
Score: 6.84
Matched TTPs:
- T1109 - Component Firmware
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
MITREへのリンク →
Score: 26.83
Matched TTPs:
- T1099 - Timestomp
- T1586.003 - Cloud Accounts
- T1098.007 - Additional Local or Domain Groups
- T1016.002 - Wi-Fi Discovery
- T1547.005 - Security Support Provider
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 11.34
Matched TTPs:
- T1099 - Timestomp
- T1098.007 - Additional Local or Domain Groups
- T1547.005 - Security Support Provider
- T1183 - Image File Execution Options Injection
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 21.16
Matched TTPs:
- T1099 - Timestomp
- T1527 - Application Access Token
- T1098.007 - Additional Local or Domain Groups
- T1090 - Proxy
- T1087.004 - Cloud Account
- T1554 - Compromise Host Software Binary
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 6.06
Matched TTPs:
- T1099 - Timestomp
- T1098.007 - Additional Local or Domain Groups
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 17.45
Matched TTPs:
- T1099 - Timestomp
- T1560.003 - Archive via Custom Method
- T1584.008 - Network Devices
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1134.001 - Token Impersonation/Theft
MITREへのリンク →
Score: 8.64
Matched TTPs:
- T1099 - Timestomp
- T1555.003 - Credentials from Web Browsers
- T1055.008 - Ptrace System Calls
MITREへのリンク →
Score: 25.14
Matched TTPs:
- T1099 - Timestomp
- T1560.003 - Archive via Custom Method
- T1003.007 - Proc Filesystem
- T1556.002 - Password Filter DLL
- T1547.005 - Security Support Provider
- T1555.003 - Credentials from Web Browsers
- T1083 - File and Directory Discovery
- T1584.002 - DNS Server
MITREへのリンク →
Score: 6.95
Matched TTPs:
- T1099 - Timestomp
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 4.54
Matched TTPs:
- T1682 - Query Public AI Services
MITREへのリンク →
Score: 20.62
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1584.008 - Network Devices
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1177 - LSASS Driver
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
- T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →
Score: 11.29
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1547.011 - Plist Modification
- T1177 - LSASS Driver
- T1087.004 - Cloud Account
MITREへのリンク →
Score: 5.52
Matched TTPs:
- T1584.008 - Network Devices
- T1573 - Encrypted Channel
MITREへのリンク →
Score: 9.08
Matched TTPs:
- T1584.008 - Network Devices
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1087.004 - Cloud Account
MITREへのリンク →
Score: 19.96
Matched TTPs:
- T1584.008 - Network Devices
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1055.013 - Process Doppelgänging
- T1531 - Account Access Removal
- T1573 - Encrypted Channel
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 20.00
Matched TTPs:
- T1584.008 - Network Devices
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1003.007 - Proc Filesystem
- T1055.013 - Process Doppelgänging
- T1198 - SIP and Trust Provider Hijacking
- T1090 - Proxy
- T1087.004 - Cloud Account
MITREへのリンク →
Score: 8.13
Matched TTPs:
- T1584.008 - Network Devices
- T1555.003 - Credentials from Web Browsers
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 8.20
Matched TTPs:
- T1584.008 - Network Devices
- T1180 - Screensaver
- T1555.003 - Credentials from Web Browsers
MITREへのリンク →
Score: 10.70
Matched TTPs:
- T1584.008 - Network Devices
- T1527 - Application Access Token
- T1098.007 - Additional Local or Domain Groups
- T1547.011 - Plist Modification
MITREへのリンク →
Score: 12.24
Matched TTPs:
- T1584.008 - Network Devices
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1573 - Encrypted Channel
- T1574.009 - Path Interception by Unquoted Path
MITREへのリンク →
Score: 14.13
Matched TTPs:
- T1584.008 - Network Devices
- T1183 - Image File Execution Options Injection
- T1083 - File and Directory Discovery
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 13.03
Matched TTPs:
- T1584.008 - Network Devices
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1555.003 - Credentials from Web Browsers
- T1597 - Search Closed Sources
- T1003.003 - NTDS
MITREへのリンク →
Score: 9.11
Matched TTPs:
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1003.007 - Proc Filesystem
- T1087.004 - Cloud Account
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 17.77
Matched TTPs:
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1055.013 - Process Doppelgänging
- T1592.002 - Software
MITREへのリンク →
Score: 13.91
Matched TTPs:
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1055.013 - Process Doppelgänging
- T1087.004 - Cloud Account
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 11.93
Matched TTPs:
- T1195.001 - Compromise Software Dependencies and Development Tools
- T1555.003 - Credentials from Web Browsers
- T1090 - Proxy
- T1136.003 - Cloud Account
MITREへのリンク →
Score: 15.99
Matched TTPs:
- T1685.004 - Disable or Modify Linux Audit System Log
- T1027 - Obfuscated Files or Information
- T1027.014 - Polymorphic Code
- T1565.002 - Transmitted Data Manipulation
- T1055.009 - Proc Memory
MITREへのリンク →
Score: 18.55
Matched TTPs:
- T1484.002 - Trust Modification
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1087.004 - Cloud Account
- T1554 - Compromise Host Software Binary
- T1027.014 - Polymorphic Code
MITREへのリンク →
Score: 10.32
Matched TTPs:
- T1180 - Screensaver
- T1009 - Binary Padding
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 22.68
Matched TTPs:
- T1180 - Screensaver
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1590 - Gather Victim Network Information
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1493 - Transmitted Data Manipulation
MITREへのリンク →
Score: 10.51
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1592.004 - Client Configurations
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 12.02
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1110.003 - Password Spraying
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 6.18
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1597 - Search Closed Sources
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 6.33
Matched TTPs:
- T1003.007 - Proc Filesystem
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
MITREへのリンク →
Score: 10.61
Matched TTPs:
- T1556.002 - Password Filter DLL
- T1009 - Binary Padding
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 8.68
Matched TTPs:
- T1137.005 - Outlook Rules
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
MITREへのリンク →
Score: 17.97
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1134.001 - Token Impersonation/Theft
- T1087.004 - Cloud Account
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
MITREへのリンク →
Score: 11.32
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1027 - Obfuscated Files or Information
- T1486 - Data Encrypted for Impact
- T1565.002 - Transmitted Data Manipulation
MITREへのリンク →
Score: 5.83
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1087.004 - Cloud Account
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 21.33
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1009 - Binary Padding
- T1183 - Image File Execution Options Injection
- T1547.011 - Plist Modification
- T1087.004 - Cloud Account
- T1069.001 - Local Groups
- T1597 - Search Closed Sources
- T1055.005 - Thread Local Storage
MITREへのリンク →
Score: 3.80
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
MITREへのリンク →
Score: 11.09
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1546.008 - Accessibility Features
- T1609 - Container Administration Command
MITREへのリンク →
Score: 3.28
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
MITREへのリンク →
Score: 9.07
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1183 - Image File Execution Options Injection
- T1027 - Obfuscated Files or Information
- T1573 - Encrypted Channel
MITREへのリンク →
Score: 11.16
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1087.004 - Cloud Account
- T1218.001 - Compiled HTML File
MITREへのリンク →
Score: 13.09
Matched TTPs:
- T1016.002 - Wi-Fi Discovery
- T1090 - Proxy
- T1027.004 - Compile After Delivery
- T1055.009 - Proc Memory
MITREへのリンク →
Score: 10.21
Matched TTPs:
- T1547.005 - Security Support Provider
- T1609 - Container Administration Command
- T1556.008 - Network Provider DLL
MITREへのリンク →
Score: 6.19
Matched TTPs:
- T1009 - Binary Padding
- T1110.003 - Password Spraying
MITREへのリンク →
Score: 4.11
Matched TTPs:
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
MITREへのリンク →
Score: 12.39
Matched TTPs:
- T1009 - Binary Padding
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 4.14
Matched TTPs:
- T1009 - Binary Padding
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 3.29
Matched TTPs:
- T1131 - Authentication Package
MITREへのリンク →
Score: 7.80
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1027.014 - Polymorphic Code
MITREへのリンク →
Score: 9.26
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1177 - LSASS Driver
- T1055.013 - Process Doppelgänging
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 6.85
Matched TTPs:
- T1555.003 - Credentials from Web Browsers
- T1547.011 - Plist Modification
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 5.09
Matched TTPs:
- T1547.011 - Plist Modification
- T1055.013 - Process Doppelgänging
MITREへのリンク →
Score: 4.31
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1087.004 - Cloud Account
MITREへのリンク →
Score: 6.95
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 4.68
Matched TTPs:
- T1055.013 - Process Doppelgänging
- T1027.004 - Compile After Delivery
MITREへのリンク →
Score: 11.60
Matched TTPs:
- T1083 - File and Directory Discovery
- T1597 - Search Closed Sources
- T1027 - Obfuscated Files or Information
- T1055.009 - Proc Memory
MITREへのリンク →
Score: 7.10
Matched TTPs:
- T1597 - Search Closed Sources
- T1574.009 - Path Interception by Unquoted Path
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1531 - Account Access Removal
MITREへのリンク →
Score: 4.61
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1601.001 - Patch System Image
MITREへのリンク →
Score: 4.79
Matched TTPs:
- T1573 - Encrypted Channel
- T1601.001 - Patch System Image
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.70
Matched TTPs:
- T1098.007 - Additional Local or Domain Groups
- T1601.001 - Patch System Image
- T1109 - Component Firmware
- T1131 - Authentication Package
- T1003.007 - Proc Filesystem
- T1009 - Binary Padding
- T1546.013 - PowerShell Profile
- T1555.003 - Credentials from Web Browsers
- T1183 - Image File Execution Options Injection
- T1597 - Search Closed Sources
- T1027.004 - Compile After Delivery
- T1546.008 - Accessibility Features
- T1565.002 - Transmitted Data Manipulation
- T1609 - Container Administration Command
- T1027.014 - Polymorphic Code
- T1003.003 - NTDS
- T1087.004 - Cloud Account
- T1213.006 - Databases
MITREへのリンク →
Score: 0.56
Matched TTPs:
- T1556.008 - Network Provider DLL
- T1685.004 - Disable or Modify Linux Audit System Log
- T1098.007 - Additional Local or Domain Groups
- T1560.003 - Archive via Custom Method
- T1027 - Obfuscated Files or Information
- T1609 - Container Administration Command
- T1109 - Component Firmware
- T1597 - Search Closed Sources
- T1547.005 - Security Support Provider
- T1565.002 - Transmitted Data Manipulation
- T1666 - Modify Cloud Resource Hierarchy
- T1083 - File and Directory Discovery
- T1087.004 - Cloud Account
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design