Trusted Design

Cryptowall Spam: My Resume Protects All Your Files

概要

Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection. Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user to complete the actions required to infect the system. The end payload for this campaign is Cryptowall 3.0. Talos has covered this threat repeatedly and this is another example of how the success of Ransomware has pushed it to one of the top threats we are seeing today. Whether its Exploit Kits or SPAM messages threat actors are pushing as many different variants of Ransomware as possible.

Created: 2026-02-23

Indicators

類似Pulses

CRYPTOWALL 4 - THE EVOLUTION CONTINUES (score: 0.79)
MarsJoke Ransomware Mimics CTB-Locker (score: 0.76)
CryptoWall v4 Emerges Days After Cyber Threat Alliance Report (score: 0.72)
CryptoApp ransomware: changes & active campaign (score: 0.72)
Analysis of a piece of ransomware in development (CryptoApp) (score: 0.72)

このPulseに関連する脅威アクター (事実ベース)

Lazarus Group

Score: 20.28

Matched TTPs:

T1027.009 - Embedded Payloads
T1070 - Indicator Removal
T1571 - Non-Standard Port
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories
T1529 - System Shutdown/Reboot

MITREへのリンク →

TA577

Score: 3.84

Matched TTPs:

T1027.009 - Embedded Payloads

MITREへのリンク →

Moonstone Sleet

Score: 11.60

Matched TTPs:

T1027.009 - Embedded Payloads
T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact
T1598 - Phishing for Information

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware

MITREへのリンク →

Sandworm Team

Score: 12.20

Matched TTPs:

T1608.001 - Upload Malware
T1584.005 - Botnet
T1571 - Non-Standard Port
T1486 - Data Encrypted for Impact
T1027.010 - Command Obfuscation

MITREへのリンク →

TA2541

Score: 7.58

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Mustang Panda

Score: 12.39

Matched TTPs:

T1608.001 - Upload Malware
T1070 - Indicator Removal
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories

MITREへのリンク →

LuminousMoth

Score: 7.10

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Kimsuky

Score: 17.22

Matched TTPs:

T1608.001 - Upload Malware
T1657 - Financial Theft
T1566 - Phishing
T1598 - Phishing for Information
T1027.010 - Command Obfuscation
T1588.005 - Exploits

MITREへのリンク →

LazyScripter

Score: 6.30

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1027.010 - Command Obfuscation

MITREへのリンク →

Gamaredon Group

Score: 9.39

Matched TTPs:

T1608.001 - Upload Malware
T1571 - Non-Standard Port
T1027.010 - Command Obfuscation
T1027.015 - Compression

MITREへのリンク →

Threat Group-3390

Score: 5.12

Matched TTPs:

T1608.001 - Upload Malware
T1027.015 - Compression

MITREへのリンク →

SideCopy

Score: 6.11

Matched TTPs:

T1608.001 - Upload Malware
T1614 - System Location Discovery

MITREへのリンク →

TA505

Score: 8.64

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1486 - Data Encrypted for Impact
T1027.010 - Command Obfuscation

MITREへのリンク →

BlackByte

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact

MITREへのリンク →

APT32

Score: 12.75

Matched TTPs:

T1608.001 - Upload Malware
T1550.003 - Pass the Ticket
T1571 - Non-Standard Port
T1027.010 - Command Obfuscation
T1564.001 - Hidden Files and Directories

MITREへのリンク →

HEXANE

Score: 3.84

Matched TTPs:

T1608.001 - Upload Malware
T1027.010 - Command Obfuscation

MITREへのリンク →

Contagious Interview

Score: 8.76

Matched TTPs:

T1608.001 - Upload Malware
T1657 - Financial Theft
T1571 - Non-Standard Port
T1027.010 - Command Obfuscation

MITREへのリンク →

FIN7

Score: 11.24

Matched TTPs:

T1608.001 - Upload Malware
T1571 - Non-Standard Port
T1486 - Data Encrypted for Impact
T1027.010 - Command Obfuscation
T1564.001 - Hidden Files and Directories

MITREへのリンク →

APT42

Score: 5.59

Matched TTPs:

T1608.001 - Upload Malware
T1070 - Indicator Removal

MITREへのリンク →

Ember Bear

Score: 8.99

Matched TTPs:

T1588.001 - Malware
T1571 - Non-Standard Port
T1588.005 - Exploits

MITREへのリンク →

LAPSUS$

Score: 6.30

Matched TTPs:

T1588.001 - Malware
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

Aquatic Panda

Score: 4.32

Matched TTPs:

T1588.001 - Malware
T1027.010 - Command Obfuscation

MITREへのリンク →

Turla

Score: 4.32

Matched TTPs:

T1588.001 - Malware
T1027.010 - Command Obfuscation

MITREへのリンク →

Scattered Spider

Score: 14.61

Matched TTPs:

T1588.001 - Malware
T1657 - Financial Theft
T1621 - Multi-Factor Authentication Request Generation
T1486 - Data Encrypted for Impact
T1598 - Phishing for Information

MITREへのリンク →

APT5

Score: 3.62

Matched TTPs:

T1070 - Indicator Removal

MITREへのリンク →

APT29

Score: 7.69

Matched TTPs:

T1550.003 - Pass the Ticket
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

BRONZE BUTLER

Score: 3.84

Matched TTPs:

T1550.003 - Pass the Ticket

MITREへのリンク →

Rocke

Score: 9.20

Matched TTPs:

T1055.002 - Portable Executable Injection
T1571 - Non-Standard Port
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Gorgon Group

Score: 4.13

Matched TTPs:

T1055.002 - Portable Executable Injection

MITREへのリンク →

HAFNIUM

Score: 10.42

Matched TTPs:

T1584.005 - Botnet
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token

MITREへのリンク →

Axiom

Score: 6.91

Matched TTPs:

T1584.005 - Botnet
T1566 - Phishing

MITREへのリンク →

Volt Typhoon

Score: 7.75

Matched TTPs:

T1584.005 - Botnet
T1614 - System Location Discovery

MITREへのリンク →

INC Ransom

Score: 8.15

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing
T1486 - Data Encrypted for Impact

MITREへのリンク →

FIN13

Score: 5.19

Matched TTPs:

T1657 - Financial Theft
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Storm-0501

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Medusa Group

Score: 19.43

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1650 - Acquire Access
T1027.010 - Command Obfuscation
T1529 - System Shutdown/Reboot
T1218.014 - MMC

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Play

Score: 4.39

Matched TTPs:

T1657 - Financial Theft
T1027.010 - Command Obfuscation

MITREへのリンク →

Sea Turtle

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

GOLD SOUTHFIELD

Score: 5.15

Matched TTPs:

T1566 - Phishing
T1027.010 - Command Obfuscation

MITREへのリンク →

Silence

Score: 4.26

Matched TTPs:

T1571 - Non-Standard Port
T1027.010 - Command Obfuscation

MITREへのリンク →

Magic Hound

Score: 6.60

Matched TTPs:

T1571 - Non-Standard Port
T1486 - Data Encrypted for Impact
T1027.010 - Command Obfuscation

MITREへのリンク →

APT38

Score: 5.96

Matched TTPs:

T1486 - Data Encrypted for Impact
T1529 - System Shutdown/Reboot

MITREへのリンク →

FIN8

Score: 4.20

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.010 - Command Obfuscation

MITREへのリンク →

ZIRCONIUM

Score: 3.44

Matched TTPs:

T1598 - Phishing for Information

MITREへのリンク →

APT28

Score: 10.24

Matched TTPs:

T1598 - Phishing for Information
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Higaisa

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

APT37

Score: 3.62

Matched TTPs:

T1529 - System Shutdown/Reboot

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Medusa Group

Score: 0.83

Matched TTPs:

T1650 - Acquire Access
T1486 - Data Encrypted for Impact
T1529 - System Shutdown/Reboot
T1657 - Financial Theft
T1027.010 - Command Obfuscation
T1218.014 - MMC

MITREへのリンク →

Lazarus Group

Score: 0.80

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1070 - Indicator Removal
T1529 - System Shutdown/Reboot
T1571 - Non-Standard Port
T1564.001 - Hidden Files and Directories
T1027.009 - Embedded Payloads

MITREへのリンク →

Kimsuky

Score: 0.69

Matched TTPs:

T1588.005 - Exploits
T1598 - Phishing for Information
T1608.001 - Upload Malware
T1657 - Financial Theft
T1566 - Phishing
T1027.010 - Command Obfuscation

MITREへのリンク →

Scattered Spider

Score: 0.64

Matched TTPs:

T1598 - Phishing for Information
T1486 - Data Encrypted for Impact
T1657 - Financial Theft
T1621 - Multi-Factor Authentication Request Generation
T1588.001 - Malware

MITREへのリンク →

FIN7

Score: 0.55

Matched TTPs:

T1486 - Data Encrypted for Impact
T1608.001 - Upload Malware
T1571 - Non-Standard Port
T1027.010 - Command Obfuscation
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る