Trusted Design

NUCLEAR EK FROM 162.247.14.156 SENDS TESLACRYPT 2.0

概要

TeslaCrypt/AlphaCrypt uses AES256 encryption. The AES key is generated using a SHA256 hash and due to the keys being stored on the infected machine, victims in many cases could likely decrypt files without paying the ransom. The newest variant, TeslaCrypt 2.0, uses the same encryption algorithm; however, the keys and other configuration data are stored in the Windows Registry instead of a file on the local disk (as in previous versions). This version masquerades as CryptoWall. The command and control (C&C) communications for new variants use the same AES256 encryption for any traffic to the attacker’s server; in previous variants, only Base64 encoding was used.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

TeslaCrypt 2.0: Cyber Crime Malware Behavior (score: 0.92)
Threat Spotlight: TeslaCrypt (score: 0.73)
TeslaCrypt Ransomware (score: 0.70)
TeslaCrypt C2 Communication (score: 0.70)
New TeslaCrypt version (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 10.82

Matched TTPs:

T1560.003 - Archive via Custom Method
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Mustang Panda

Score: 16.18

Matched TTPs:

T1560.003 - Archive via Custom Method
T1573.001 - Symmetric Cryptography
T1070 - Indicator Removal
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Kimsuky

Score: 10.62

Matched TTPs:

T1560.003 - Archive via Custom Method
T1027.002 - Software Packing
T1550.002 - Pass the Hash
T1078.003 - Local Accounts

MITREへのリンク →

UNC3886

Score: 6.59

Matched TTPs:

T1560.003 - Archive via Custom Method
T1008 - Fallback Channels

MITREへのリンク →

Lotus Blossom

Score: 6.08

Matched TTPs:

T1560.003 - Archive via Custom Method
T1090.001 - Internal Proxy

MITREへのリンク →

Lazarus Group

Score: 29.20

Matched TTPs:

T1560.003 - Archive via Custom Method
T1573.001 - Symmetric Cryptography
T1070 - Indicator Removal
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1566.003 - Spearphishing via Service
T1090.001 - Internal Proxy
T1561.001 - Disk Content Wipe
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1583.008 - Malvertising

MITREへのリンク →

ZIRCONIUM

Score: 4.58

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1027.002 - Software Packing

MITREへのリンク →

Volt Typhoon

Score: 7.50

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1027.002 - Software Packing
T1090.001 - Internal Proxy

MITREへのリンク →

Contagious Interview

Score: 11.64

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1480 - Execution Guardrails
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Higaisa

Score: 8.60

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1090.001 - Internal Proxy
T1027.015 - Compression

MITREへのリンク →

APT33

Score: 5.27

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT28

Score: 13.65

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1550.002 - Pass the Hash
T1137.002 - Office Test

MITREへのリンク →

BRONZE BUTLER

Score: 6.37

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1550.003 - Pass the Ticket

MITREへのリンク →

APT42

Score: 3.62

Matched TTPs:

T1070 - Indicator Removal

MITREへのリンク →

APT5

Score: 3.62

Matched TTPs:

T1070 - Indicator Removal

MITREへのリンク →

APT29

Score: 14.71

Matched TTPs:

T1550.003 - Pass the Ticket
T1573 - Encrypted Channel
T1027.002 - Software Packing
T1566.003 - Spearphishing via Service
T1078.003 - Local Accounts

MITREへのリンク →

APT32

Score: 14.40

Matched TTPs:

T1550.003 - Pass the Ticket
T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1078.003 - Local Accounts

MITREへのリンク →

BlackByte

Score: 8.58

Matched TTPs:

T1480 - Execution Guardrails
T1486 - Data Encrypted for Impact
T1569.002 - Service Execution

MITREへのリンク →

Gamaredon Group

Score: 11.13

Matched TTPs:

T1480 - Execution Guardrails
T1561.001 - Disk Content Wipe
T1027.015 - Compression

MITREへのリンク →

CURIUM

Score: 6.37

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1566.003 - Spearphishing via Service

MITREへのリンク →

Storm-1811

Score: 8.71

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1486 - Data Encrypted for Impact
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT38

Score: 6.79

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1569.002 - Service Execution

MITREへのリンク →

INC Ransom

Score: 4.74

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution

MITREへのリンク →

Magic Hound

Score: 8.49

Matched TTPs:

T1486 - Data Encrypted for Impact
T1573 - Encrypted Channel
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN7

Score: 10.84

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution
T1008 - Fallback Channels
T1078.003 - Local Accounts

MITREへのリンク →

Storm-0501

Score: 4.39

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing

MITREへのリンク →

Medusa Group

Score: 11.33

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1569.002 - Service Execution
T1218.014 - MMC

MITREへのリンク →

APT41

Score: 12.98

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1008 - Fallback Channels

MITREへのリンク →

TA505

Score: 4.39

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing

MITREへのリンク →

FIN8

Score: 5.09

Matched TTPs:

T1486 - Data Encrypted for Impact
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Moonstone Sleet

Score: 7.26

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Tropic Trooper

Score: 6.29

Matched TTPs:

T1573 - Encrypted Channel
T1078.003 - Local Accounts

MITREへのリンク →

BITTER

Score: 3.62

Matched TTPs:

T1573 - Encrypted Channel

MITREへのリンク →

TA2541

Score: 5.20

Matched TTPs:

T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

Dark Caracal

Score: 4.58

Matched TTPs:

T1027.002 - Software Packing
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT39

Score: 7.38

Matched TTPs:

T1027.002 - Software Packing
T1569.002 - Service Execution
T1090.001 - Internal Proxy

MITREへのリンク →

GALLIUM

Score: 4.80

Matched TTPs:

T1027.002 - Software Packing
T1550.002 - Pass the Hash

MITREへのリンク →

Threat Group-3390

Score: 5.20

Matched TTPs:

T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 7.06

Matched TTPs:

T1564.005 - Hidden File System
T1090.001 - Internal Proxy

MITREへのリンク →

Chimera

Score: 5.14

Matched TTPs:

T1550.002 - Pass the Hash
T1569.002 - Service Execution

MITREへのリンク →

Wizard Spider

Score: 7.89

Matched TTPs:

T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN13

Score: 5.67

Matched TTPs:

T1550.002 - Pass the Hash
T1090.001 - Internal Proxy

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

Velvet Ant

Score: 7.99

Matched TTPs:

T1569.002 - Service Execution
T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

OilRig

Score: 8.71

Matched TTPs:

T1008 - Fallback Channels
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Turla

Score: 5.59

Matched TTPs:

T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.75

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1008 - Fallback Channels
T1070 - Indicator Removal
T1560.003 - Archive via Custom Method
T1566.003 - Spearphishing via Service
T1561.001 - Disk Content Wipe
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1090.001 - Internal Proxy

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る