Trusted Design

SilabRAT, What's Your Power?

Summary

SilabRAT is an advanced Remote Access Trojan that has been offered as Malware-as-a-Service on dark web forums since late 2025; it is developed by the threat actor o1oo1 and sold for $5,000 per month. This financially motivated tool focuses on credential theft and cryptocurrency operations, featuring Hidden Virtual Network Computing (HVNC) for covert remote control, browser profile cloning to bypass session protections, and automated cryptocurrency wallet password cracking. The RAT bypasses Chrome App-Bound Encryption, performs session hijacking, and includes keylogging, clipboard monitoring, and remote desktop capabilities. It is distributed through phishing and ClickFix campaigns using operator-hosted infrastructure, and it uses ChaCha20-Poly1305 encryption for command-and-control communications. The developer also offers AsmCrypt, a companion crypter service, creating a complete malware bundle covering evasion, execution, and remote control.

Created: 2026-06-10

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

APT28

Score: 21.08
Matched TTPs:
  • T1222.002 - Linux and Mac Permissions
  • T1098.007 - Additional Local or Domain Groups
  • T1131 - Authentication Package
  • T1555.003 - Credentials from Web Browsers
  • T1547.011 - Plist Modification
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1055.008 - Ptrace System Calls
Link to MITRE →

APT29

Score: 30.26
Matched TTPs:
  • T1222.002 - Linux and Mac Permissions
  • T1099 - Timestomp
  • T1584.008 - Network Devices
  • T1202 - Indirect Command Execution
  • T1555.003 - Credentials from Web Browsers
  • T1547.011 - Plist Modification
  • T1608.005 - Link Target
  • T1556.008 - Network Provider DLL
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Andariel

Score: 5.34
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1218.010 - Regsvr32
Link to MITRE →

Magic Hound

Score: 30.65
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1547.005 - Security Support Provider
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
  • T1601.001 - Patch System Image
Link to MITRE →

HAFNIUM

Score: 15.97
Matched TTPs:
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1099 - Timestomp
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1055.008 - Ptrace System Calls
Link to MITRE →

Turla

Score: 21.11
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1099 - Timestomp
  • T1131 - Authentication Package
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
  • T1601.001 - Patch System Image
Link to MITRE →

APT32

Score: 29.23
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1562.001 - Disable or Modify Tools
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1556 - Modify Authentication Process
Link to MITRE →

Saint Bear

Score: 9.33
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

FIN6

Score: 8.38
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1597 - Search Closed Sources
  • T1601.001 - Patch System Image
  • T1556 - Modify Authentication Process
Link to MITRE →

Sidewinder

Score: 10.09
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1590.006 - Network Security Appliances
  • T1090 - Proxy
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
Link to MITRE →

MoustachedBouncer

Score: 4.03
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

MuddyWater

Score: 18.22
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
  • T1601.001 - Patch System Image
Link to MITRE →

Earth Lusca

Score: 16.78
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1110.003 - Password Spraying
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1027.004 - Compile After Delivery
Link to MITRE →

Winter Vivern

Score: 10.40
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1090 - Proxy
  • T1218.001 - Compiled HTML File
Link to MITRE →

Silence

Score: 8.98
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1547.011 - Plist Modification
  • T1562.001 - Disable or Modify Tools
  • T1601.001 - Patch System Image
Link to MITRE →

Contagious Interview

Score: 26.99
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1131 - Authentication Package
  • T1021.006 - Windows Remote Management
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1601.001 - Patch System Image
  • T1556 - Modify Authentication Process
Link to MITRE →

LazyScripter

Score: 10.11
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1601.001 - Patch System Image
Link to MITRE →

TA505

Score: 24.82
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1560.003 - Archive via Custom Method
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1601.001 - Patch System Image
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

FIN7

Score: 23.85
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1608.005 - Link Target
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
  • T1065 - Uncommonly Used Port
  • T1601.001 - Patch System Image
Link to MITRE →

Cobalt Group

Score: 15.36
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1598.004 - Spearphishing Voice
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
Link to MITRE →

Higaisa

Score: 7.77
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
Link to MITRE →

Kimsuky

Score: 38.50
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1213.006 - Databases
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1131 - Authentication Package
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1609 - Container Administration Command
  • T1051 - Shared Webroot
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1027.004 - Compile After Delivery
  • T1601.001 - Patch System Image
  • T1537 - Transfer Data to Cloud Account
  • T1665 - Hide Infrastructure
Link to MITRE →

Indrik Spider

Score: 8.63
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
Link to MITRE →

Leafminer

Score: 6.36
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1051 - Shared Webroot
  • T1601.001 - Patch System Image
Link to MITRE →

Mustang Panda

Score: 25.78
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1169 - Sudo
  • T1136.003 - Cloud Account
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1556 - Modify Authentication Process
Link to MITRE →

TA578

Score: 3.99
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1608.005 - Link Target
Link to MITRE →

Star Blizzard

Score: 9.86
Matched TTPs:
  • T1546.013 - PowerShell Profile
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1609 - Container Administration Command
Link to MITRE →

HEXANE

Score: 14.15
Matched TTPs:
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1065 - Uncommonly Used Port
  • T1601.001 - Patch System Image
Link to MITRE →

Gamaredon Group

Score: 23.60
Matched TTPs:
  • T1099 - Timestomp
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1090 - Proxy
  • T1608.005 - Link Target
  • T1554 - Compromise Host Software Binary
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1601.001 - Patch System Image
Link to MITRE →

TA2541

Score: 10.13
Matched TTPs:
  • T1099 - Timestomp
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Lotus Blossom

Score: 4.22
Matched TTPs:
  • T1099 - Timestomp
  • T1590.006 - Network Security Appliances
Link to MITRE →

FIN13

Score: 21.44
Matched TTPs:
  • T1099 - Timestomp
  • T1560.003 - Archive via Custom Method
  • T1584.008 - Network Devices
  • T1547.005 - Security Support Provider
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1134.001 - Token Impersonation/Theft
Link to MITRE →

Volt Typhoon

Score: 36.43
Matched TTPs:
  • T1099 - Timestomp
  • T1560.003 - Archive via Custom Method
  • T1686.003 - Windows Host Firewall
  • T1556.002 - Password Filter DLL
  • T1547.005 - Security Support Provider
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1083 - File and Directory Discovery
  • T1584.002 - DNS Server
  • T1065 - Uncommonly Used Port
  • T1537 - Transfer Data to Cloud Account
  • T1665 - Hide Infrastructure
Link to MITRE →

FIN8

Score: 9.70
Matched TTPs:
  • T1099 - Timestomp
  • T1027 - Obfuscated Files or Information
  • T1601.001 - Patch System Image
  • T1556 - Modify Authentication Process
Link to MITRE →

APT41

Score: 15.98
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Scattered Spider

Score: 30.90
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1098.007 - Additional Local or Domain Groups
  • T1547.005 - Security Support Provider
  • T1590.006 - Network Security Appliances
  • T1609 - Container Administration Command
  • T1083 - File and Directory Discovery
  • T1051 - Shared Webroot
  • T1556.008 - Network Provider DLL
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
Link to MITRE →

APT3

Score: 13.57
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

GALLIUM

Score: 10.63
Matched TTPs:
  • T1584.008 - Network Devices
  • T1555.003 - Credentials from Web Browsers
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Dragonfly

Score: 16.55
Matched TTPs:
  • T1584.008 - Network Devices
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
Link to MITRE →

Ke3chang

Score: 14.63
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1198 - SIP and Trust Provider Hijacking
  • T1090 - Proxy
Link to MITRE →

Agrius

Score: 6.15
Matched TTPs:
  • T1584.008 - Network Devices
  • T1555.003 - Credentials from Web Browsers
  • T1597 - Search Closed Sources
Link to MITRE →

APT5

Score: 8.20
Matched TTPs:
  • T1584.008 - Network Devices
  • T1180 - Screensaver
  • T1555.003 - Credentials from Web Browsers
Link to MITRE →

menuPass

Score: 12.17
Matched TTPs:
  • T1584.008 - Network Devices
  • T1527 - Application Access Token
  • T1098.007 - Additional Local or Domain Groups
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
Link to MITRE →

Threat Group-3390

Score: 17.77
Matched TTPs:
  • T1584.008 - Network Devices
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
  • T1591.001 - Determine Physical Locations
Link to MITRE →

Wizard Spider

Score: 14.09
Matched TTPs:
  • T1584.008 - Network Devices
  • T1590.006 - Network Security Appliances
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources
  • T1601.001 - Patch System Image
  • T1556 - Modify Authentication Process
Link to MITRE →

Ember Bear

Score: 15.32
Matched TTPs:
  • T1584.008 - Network Devices
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1555.003 - Credentials from Web Browsers
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
Link to MITRE →

Chimera

Score: 8.91
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1590.006 - Network Security Appliances
  • T1601.001 - Patch System Image
  • T1665 - Hide Infrastructure
Link to MITRE →

OilRig

Score: 20.45
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1566.001 - Spearphishing Attachment
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1218.010 - Regsvr32
  • T1556 - Modify Authentication Process
Link to MITRE →

APT39

Score: 15.50
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1547.011 - Plist Modification
  • T1027.004 - Compile After Delivery
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Tropic Trooper

Score: 17.73
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1090 - Proxy
  • T1136.003 - Cloud Account
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
Link to MITRE →

APT18

Score: 6.59
Matched TTPs:
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1591.001 - Determine Physical Locations
Link to MITRE →

APT42

Score: 7.53
Matched TTPs:
  • T1110.002 - Password Cracking
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
Link to MITRE →

Storm-0501

Score: 15.12
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1686.003 - Windows Host Firewall
  • T1027 - Obfuscated Files or Information
  • T1027.014 - Polymorphic Code
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Sandworm Team

Score: 27.52
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1686.003 - Windows Host Firewall
  • T1098.007 - Additional Local or Domain Groups
  • T1016.002 - Wi-Fi Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1075 - Pass the Hash
  • T1601.001 - Patch System Image
Link to MITRE →

Leviathan

Score: 15.79
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1098.007 - Additional Local or Domain Groups
  • T1555.003 - Credentials from Web Browsers
  • T1554 - Compromise Host Software Binary
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
Link to MITRE →

Rocke

Score: 14.77
Matched TTPs:
  • T1180 - Screensaver
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

APT38

Score: 28.58
Matched TTPs:
  • T1180 - Screensaver
  • T1566.001 - Spearphishing Attachment
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590 - Gather Victim Network Information
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1493 - Transmitted Data Manipulation
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Transparent Tribe

Score: 6.04
Matched TTPs:
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
Link to MITRE →

LuminousMoth

Score: 3.03
Matched TTPs:
  • T1115 - Clipboard Data
Link to MITRE →

CURIUM

Score: 9.94
Matched TTPs:
  • T1115 - Clipboard Data
  • T1098.007 - Additional Local or Domain Groups
  • T1555.003 - Credentials from Web Browsers
  • T1218.001 - Compiled HTML File
Link to MITRE →

Mustard Tempest

Score: 3.03
Matched TTPs:
  • T1115 - Clipboard Data
Link to MITRE →

UNC3886

Score: 16.24
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1009 - Binary Padding
  • T1021.006 - Windows Remote Management
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
Link to MITRE →

Akira

Score: 8.68
Matched TTPs:
  • T1137.005 - Outlook Rules
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
Link to MITRE →

Storm-1811

Score: 8.40
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1027 - Obfuscated Files or Information
  • T1486 - Data Encrypted for Impact
Link to MITRE →

IndigoZebra

Score: 3.53
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1608.005 - Link Target
Link to MITRE →

ZIRCONIUM

Score: 9.39
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1027.004 - Compile After Delivery
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

RedEcho

Score: 3.92
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1562.001 - Disable or Modify Tools
Link to MITRE →

Lazarus Group

Score: 30.02
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1547.011 - Plist Modification
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1069.001 - Local Groups
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1665 - Hide Infrastructure
  • T1556 - Modify Authentication Process
Link to MITRE →

EXOTIC LILY

Score: 3.01
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
Link to MITRE →

Silent Librarian

Score: 4.96
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1609 - Container Administration Command
Link to MITRE →

Sea Turtle

Score: 4.78
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1555.003 - Credentials from Web Browsers
  • T1218.010 - Regsvr32
Link to MITRE →

Moonstone Sleet

Score: 5.33
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1027 - Obfuscated Files or Information
Link to MITRE →

BITTER

Score: 3.01
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1218.010 - Regsvr32
Link to MITRE →

TeamTNT

Score: 18.38
Matched TTPs:
  • T1098.007 - Additional Local or Domain Groups
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying
  • T1590.006 - Network Security Appliances
  • T1051 - Shared Webroot
  • T1597 - Search Closed Sources
  • T1537 - Transfer Data to Cloud Account
  • T1665 - Hide Infrastructure
Link to MITRE →

RedCurl

Score: 11.77
Matched TTPs:
  • T1016.002 - Wi-Fi Discovery
  • T1090 - Proxy
  • T1051 - Shared Webroot
  • T1027.004 - Compile After Delivery
Link to MITRE →

LAPSUS$

Score: 18.37
Matched TTPs:
  • T1547.005 - Security Support Provider
  • T1020 - Automated Exfiltration
  • T1609 - Container Administration Command
  • T1556.008 - Network Provider DLL
  • T1065 - Uncommonly Used Port
Link to MITRE →

Salt Typhoon

Score: 8.93
Matched TTPs:
  • T1009 - Binary Padding
  • T1110.003 - Password Spraying
  • T1556 - Modify Authentication Process
Link to MITRE →

Moses Staff

Score: 5.58
Matched TTPs:
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
Link to MITRE →

ToddyCat

Score: 5.17
Matched TTPs:
  • T1009 - Binary Padding
  • T1665 - Hide Infrastructure
Link to MITRE →

Medusa Group

Score: 15.64
Matched TTPs:
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1601.001 - Patch System Image
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Velvet Ant

Score: 6.54
Matched TTPs:
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1562.001 - Disable or Modify Tools
Link to MITRE →

BlackByte

Score: 13.85
Matched TTPs:
  • T1009 - Binary Padding
  • T1555.003 - Credentials from Web Browsers
  • T1590.006 - Network Security Appliances
  • T1134.001 - Token Impersonation/Theft
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
Link to MITRE →

SilverTerrier

Score: 3.29
Matched TTPs:
  • T1131 - Authentication Package
Link to MITRE →

Deep Panda

Score: 4.51
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1027.014 - Polymorphic Code
Link to MITRE →

Fox Kitten

Score: 6.15
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1051 - Shared Webroot
  • T1601.001 - Patch System Image
Link to MITRE →

Tonto Team

Score: 8.35
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1547.011 - Plist Modification
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
Link to MITRE →

Play

Score: 5.13
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1597 - Search Closed Sources
  • T1601.001 - Patch System Image
Link to MITRE →

APT19

Score: 6.08
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1027.014 - Polymorphic Code
  • T1601.001 - Patch System Image
Link to MITRE →

SideCopy

Score: 5.60
Matched TTPs:
  • T1590.006 - Network Security Appliances
  • T1584.002 - DNS Server
Link to MITRE →

INC Ransom

Score: 7.76
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
Link to MITRE →

APT33

Score: 9.16
Matched TTPs:
  • T1051 - Shared Webroot
  • T1562.001 - Disable or Modify Tools
  • T1218.010 - Regsvr32
  • T1556 - Modify Authentication Process
Link to MITRE →

Confucius

Score: 6.34
Matched TTPs:
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1665 - Hide Infrastructure
Link to MITRE →

BRONZE BUTLER

Score: 9.48
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
  • T1591.001 - Determine Physical Locations
Link to MITRE →

Aquatic Panda

Score: 3.66
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1601.001 - Patch System Image
Link to MITRE →

WIRTE

Score: 5.14
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1027.014 - Polymorphic Code
Link to MITRE →

DarkVishnya

Score: 6.94
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1213.003 - Code Repositories
Link to MITRE →

TA551

Score: 4.61
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1601.001 - Patch System Image
Link to MITRE →

Inception

Score: 4.24
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
Link to MITRE →

The White Company

Score: 3.55
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Patchwork

Score: 8.24
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1601.001 - Patch System Image
  • T1537 - Transfer Data to Cloud Account
  • T1665 - Hide Infrastructure
Link to MITRE →

APT37

Score: 3.83
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1027.004 - Compile After Delivery
Link to MITRE →

Aoqin Dragon

Score: 3.55
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Elderwood

Score: 3.55
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1537 - Transfer Data to Cloud Account
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1608.005 - Link Target
  • T1051 - Shared Webroot
  • T1213.006 - Databases
  • T1665 - Hide Infrastructure
  • T1027.014 - Polymorphic Code
  • T1555.003 - Credentials from Web Browsers
  • T1546.013 - PowerShell Profile
  • T1537 - Transfer Data to Cloud Account
  • T1601.001 - Patch System Image
  • T1009 - Binary Padding
  • T1027.004 - Compile After Delivery
  • T1597 - Search Closed Sources
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1609 - Container Administration Command
  • T1131 - Authentication Package
Link to MITRE →

Volt Typhoon

Score: 0.66
Matched TTPs:
  • T1065 - Uncommonly Used Port
  • T1686.003 - Windows Host Firewall
  • T1083 - File and Directory Discovery
  • T1665 - Hide Infrastructure
  • T1556.002 - Password Filter DLL
  • T1560.003 - Archive via Custom Method
  • T1555.003 - Credentials from Web Browsers
  • T1537 - Transfer Data to Cloud Account
  • T1099 - Timestomp
  • T1584.002 - DNS Server
  • T1590.006 - Network Security Appliances
  • T1547.005 - Security Support Provider
Link to MITRE →

Scattered Spider

Score: 0.56
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1051 - Shared Webroot
  • T1027 - Obfuscated Files or Information
  • T1560.003 - Archive via Custom Method
  • T1556.008 - Network Provider DLL
  • T1609 - Container Administration Command
  • T1597 - Search Closed Sources
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1547.005 - Security Support Provider
Link to MITRE →

Magic Hound

Score: 0.56
Matched TTPs:
  • T1608.005 - Link Target
  • T1562.001 - Disable or Modify Tools
  • T1016.002 - Wi-Fi Discovery
  • T1027 - Obfuscated Files or Information
  • T1171 - LLMNR/NBT-NS Poisoning and Relay
  • T1555.003 - Credentials from Web Browsers
  • T1099 - Timestomp
  • T1009 - Binary Padding
  • T1597 - Search Closed Sources
  • T1098.007 - Additional Local or Domain Groups
  • T1590.006 - Network Security Appliances
  • T1601.001 - Patch System Image
  • T1547.005 - Security Support Provider
Link to MITRE →

APT29

Score: 0.55
Matched TTPs:
  • T1608.005 - Link Target
  • T1027.004 - Compile After Delivery
  • T1555.003 - Credentials from Web Browsers
  • T1537 - Transfer Data to Cloud Account
  • T1222.002 - Linux and Mac Permissions
  • T1099 - Timestomp
  • T1556.008 - Network Provider DLL
  • T1218.010 - Regsvr32
  • T1584.008 - Network Devices
  • T1547.011 - Plist Modification
  • T1202 - Indirect Command Execution
Link to MITRE →

Related CVEs

No CVEs were found for this Pulse.

Pulse – Threat Actor Graph
