Trusted Design

Cryptowall Spam: My Resume Protects All Your Files

概要

Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection. Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user to complete the actions required to infect the system. The end payload for this campaign is Cryptowall 3.0. Talos has covered this threat repeatedly and this is another example of how the success of Ransomware has pushed it to one of the top threats we are seeing today. Whether its Exploit Kits or SPAM messages threat actors are pushing as many different variants of Ransomware as possible.

Created: 2026-02-23

Indicators

類似Pulses

CRYPTOWALL 4 - THE EVOLUTION CONTINUES (score: 0.79)
MarsJoke Ransomware Mimics CTB-Locker (score: 0.76)
CryptoWall v4 Emerges Days After Cyber Threat Alliance Report (score: 0.72)
CryptoApp ransomware: changes & active campaign (score: 0.72)
Analysis of a piece of ransomware in development (CryptoApp) (score: 0.72)

このPulseに関連する脅威アクター (事実ベース)

Lazarus Group

Score: 20.28

Matched TTPs:

T1132.001 - Standard Encoding
T1677 - Poisoned Pipeline Execution
T1562.001 - Disable or Modify Tools
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1216 - System Script Proxy Execution

MITREへのリンク →

TA577

Score: 3.84

Matched TTPs:

T1132.001 - Standard Encoding

MITREへのリンク →

Moonstone Sleet

Score: 11.60

Matched TTPs:

T1132.001 - Standard Encoding
T1091 - Replication Through Removable Media
T1027 - Obfuscated Files or Information
T1197 - BITS Jobs

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media

MITREへのリンク →

Sandworm Team

Score: 12.20

Matched TTPs:

T1091 - Replication Through Removable Media
T1049 - System Network Connections Discovery
T1562.001 - Disable or Modify Tools
T1027 - Obfuscated Files or Information
T1601.001 - Patch System Image

MITREへのリンク →

TA2541

Score: 7.58

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1546.017 - Udev Rules

MITREへのリンク →

Earth Lusca

Score: 4.43

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account

MITREへのリンク →

Mustang Panda

Score: 12.39

Matched TTPs:

T1091 - Replication Through Removable Media
T1677 - Poisoned Pipeline Execution
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer

MITREへのリンク →

LuminousMoth

Score: 7.10

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1105 - Ingress Tool Transfer

MITREへのリンク →

Kimsuky

Score: 17.22

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall
T1197 - BITS Jobs
T1601.001 - Patch System Image
T1003.003 - NTDS

MITREへのリンク →

LazyScripter

Score: 6.30

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1601.001 - Patch System Image

MITREへのリンク →

Gamaredon Group

Score: 9.39

Matched TTPs:

T1091 - Replication Through Removable Media
T1562.001 - Disable or Modify Tools
T1601.001 - Patch System Image
T1546.017 - Udev Rules

MITREへのリンク →

Threat Group-3390

Score: 5.12

Matched TTPs:

T1091 - Replication Through Removable Media
T1546.017 - Udev Rules

MITREへのリンク →

SideCopy

Score: 6.11

Matched TTPs:

T1091 - Replication Through Removable Media
T1584.002 - DNS Server

MITREへのリンク →

TA505

Score: 8.64

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027 - Obfuscated Files or Information
T1601.001 - Patch System Image

MITREへのリンク →

BlackByte

Score: 4.31

Matched TTPs:

T1091 - Replication Through Removable Media
T1027 - Obfuscated Files or Information

MITREへのリンク →

APT32

Score: 12.75

Matched TTPs:

T1091 - Replication Through Removable Media
T1592.004 - Client Configurations
T1562.001 - Disable or Modify Tools
T1601.001 - Patch System Image
T1105 - Ingress Tool Transfer

MITREへのリンク →

HEXANE

Score: 3.84

Matched TTPs:

T1091 - Replication Through Removable Media
T1601.001 - Patch System Image

MITREへのリンク →

Contagious Interview

Score: 8.76

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1562.001 - Disable or Modify Tools
T1601.001 - Patch System Image

MITREへのリンク →

FIN7

Score: 11.24

Matched TTPs:

T1091 - Replication Through Removable Media
T1562.001 - Disable or Modify Tools
T1027 - Obfuscated Files or Information
T1601.001 - Patch System Image
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT42

Score: 5.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1677 - Poisoned Pipeline Execution

MITREへのリンク →

Ember Bear

Score: 8.99

Matched TTPs:

T1136.002 - Domain Account
T1562.001 - Disable or Modify Tools
T1003.003 - NTDS

MITREへのリンク →

LAPSUS$

Score: 6.30

Matched TTPs:

T1136.002 - Domain Account
T1556.008 - Network Provider DLL

MITREへのリンク →

Aquatic Panda

Score: 4.32

Matched TTPs:

T1136.002 - Domain Account
T1601.001 - Patch System Image

MITREへのリンク →

Turla

Score: 4.32

Matched TTPs:

T1136.002 - Domain Account
T1601.001 - Patch System Image

MITREへのリンク →

Scattered Spider

Score: 14.61

Matched TTPs:

T1136.002 - Domain Account
T1552.003 - Shell History
T1556.008 - Network Provider DLL
T1027 - Obfuscated Files or Information
T1197 - BITS Jobs

MITREへのリンク →

APT5

Score: 3.62

Matched TTPs:

T1677 - Poisoned Pipeline Execution

MITREへのリンク →

APT29

Score: 7.69

Matched TTPs:

T1592.004 - Client Configurations
T1556.008 - Network Provider DLL

MITREへのリンク →

BRONZE BUTLER

Score: 3.84

Matched TTPs:

T1592.004 - Client Configurations

MITREへのリンク →

Rocke

Score: 9.20

Matched TTPs:

T1114.003 - Email Forwarding Rule
T1562.001 - Disable or Modify Tools
T1105 - Ingress Tool Transfer

MITREへのリンク →

Gorgon Group

Score: 4.13

Matched TTPs:

T1114.003 - Email Forwarding Rule

MITREへのリンク →

HAFNIUM

Score: 10.42

Matched TTPs:

T1049 - System Network Connections Discovery
T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls

MITREへのリンク →

Axiom

Score: 6.91

Matched TTPs:

T1049 - System Network Connections Discovery
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Volt Typhoon

Score: 7.75

Matched TTPs:

T1049 - System Network Connections Discovery
T1584.002 - DNS Server

MITREへのリンク →

INC Ransom

Score: 8.15

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall
T1027 - Obfuscated Files or Information

MITREへのリンク →

FIN13

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1105 - Ingress Tool Transfer

MITREへのリンク →

Storm-0501

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

Medusa Group

Score: 19.43

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information
T1598 - Phishing for Information
T1601.001 - Patch System Image
T1216 - System Script Proxy Execution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

Play

Score: 4.39

Matched TTPs:

T1552.003 - Shell History
T1601.001 - Patch System Image

MITREへのリンク →

Sea Turtle

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

GOLD SOUTHFIELD

Score: 5.15

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall
T1601.001 - Patch System Image

MITREへのリンク →

Silence

Score: 4.26

Matched TTPs:

T1562.001 - Disable or Modify Tools
T1601.001 - Patch System Image

MITREへのリンク →

Magic Hound

Score: 6.60

Matched TTPs:

T1562.001 - Disable or Modify Tools
T1027 - Obfuscated Files or Information
T1601.001 - Patch System Image

MITREへのリンク →

APT38

Score: 5.96

Matched TTPs:

T1027 - Obfuscated Files or Information
T1216 - System Script Proxy Execution

MITREへのリンク →

FIN8

Score: 4.20

Matched TTPs:

T1027 - Obfuscated Files or Information
T1601.001 - Patch System Image

MITREへのリンク →

ZIRCONIUM

Score: 3.44

Matched TTPs:

T1197 - BITS Jobs

MITREへのリンク →

APT28

Score: 10.24

Matched TTPs:

T1197 - BITS Jobs
T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Higaisa

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

APT37

Score: 3.62

Matched TTPs:

T1216 - System Script Proxy Execution

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Medusa Group

Score: 0.83

Matched TTPs:

T1027 - Obfuscated Files or Information
T1216 - System Script Proxy Execution
T1094 - Custom Command and Control Protocol
T1598 - Phishing for Information
T1552.003 - Shell History
T1601.001 - Patch System Image

MITREへのリンク →

Lazarus Group

Score: 0.80

Matched TTPs:

T1132.001 - Standard Encoding
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1677 - Poisoned Pipeline Execution
T1216 - System Script Proxy Execution
T1562.001 - Disable or Modify Tools

MITREへのリンク →

Kimsuky

Score: 0.69

Matched TTPs:

T1091 - Replication Through Removable Media
T1562.013 - Disable or Modify Network Device Firewall
T1197 - BITS Jobs
T1003.003 - NTDS
T1552.003 - Shell History
T1601.001 - Patch System Image

MITREへのリンク →

Scattered Spider

Score: 0.64

Matched TTPs:

T1027 - Obfuscated Files or Information
T1136.002 - Domain Account
T1197 - BITS Jobs
T1556.008 - Network Provider DLL
T1552.003 - Shell History

MITREへのリンク →

FIN7

Score: 0.55

Matched TTPs:

T1091 - Replication Through Removable Media
T1027 - Obfuscated Files or Information
T1105 - Ingress Tool Transfer
T1562.001 - Disable or Modify Tools
T1601.001 - Patch System Image

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る