Trusted Design

NUCLEAR EK FROM 162.247.14.156 SENDS TESLACRYPT 2.0

概要

TeslaCrypt/AlphaCrypt uses AES256 encryption. The AES key is generated using a SHA256 hash and due to the keys being stored on the infected machine, victims in many cases could likely decrypt files without paying the ransom. The newest variant, TeslaCrypt 2.0, uses the same encryption algorithm; however, the keys and other configuration data are stored in the Windows Registry instead of a file on the local disk (as in previous versions). This version masquerades as CryptoWall. The command and control (C&C) communications for new variants use the same AES256 encryption for any traffic to the attacker’s server; in previous variants, only Base64 encoding was used.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

TeslaCrypt 2.0: Cyber Crime Malware Behavior (score: 0.92)
Threat Spotlight: TeslaCrypt (score: 0.73)
TeslaCrypt Ransomware (score: 0.70)
TeslaCrypt C2 Communication (score: 0.70)
New TeslaCrypt version (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 10.82

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1027.007 - Dynamic API Resolution
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1016.001 - Internet Connection Discovery

MITREへのリンク →

Mustang Panda

Score: 16.18

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1071.005 - Publish/Subscribe Protocols
T1677 - Poisoned Pipeline Execution
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process

MITREへのリンク →

Kimsuky

Score: 10.62

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1537 - Transfer Data to Cloud Account
T1668 - Exclusive Control
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 6.59

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1055.015 - ListPlanting

MITREへのリンク →

Lotus Blossom

Score: 6.08

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1569.002 - Service Execution

MITREへのリンク →

Lazarus Group

Score: 29.20

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1071.005 - Publish/Subscribe Protocols
T1677 - Poisoned Pipeline Execution
T1055.005 - Thread Local Storage
T1055.015 - ListPlanting
T1547.008 - LSASS Driver
T1569.002 - Service Execution
T1086 - PowerShell
T1556 - Modify Authentication Process

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1682 - Query Public AI Services

MITREへのリンク →

ZIRCONIUM

Score: 4.58

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Volt Typhoon

Score: 7.50

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1537 - Transfer Data to Cloud Account
T1569.002 - Service Execution

MITREへのリンク →

Contagious Interview

Score: 11.64

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1562.010 - Downgrade Attack
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Higaisa

Score: 8.60

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1569.002 - Service Execution
T1546.017 - Udev Rules

MITREへのリンク →

APT33

Score: 5.27

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1556 - Modify Authentication Process

MITREへのリンク →

APT28

Score: 13.65

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1205.001 - Port Knocking
T1668 - Exclusive Control
T1588.003 - Code Signing Certificates

MITREへのリンク →

BRONZE BUTLER

Score: 6.37

Matched TTPs:

T1071.005 - Publish/Subscribe Protocols
T1592.004 - Client Configurations

MITREへのリンク →

APT42

Score: 3.62

Matched TTPs:

T1677 - Poisoned Pipeline Execution

MITREへのリンク →

APT5

Score: 3.62

Matched TTPs:

T1677 - Poisoned Pipeline Execution

MITREへのリンク →

APT29

Score: 14.71

Matched TTPs:

T1592.004 - Client Configurations
T1683 - Generate Content
T1537 - Transfer Data to Cloud Account
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

APT32

Score: 14.40

Matched TTPs:

T1592.004 - Client Configurations
T1668 - Exclusive Control
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process
T1490 - Inhibit System Recovery

MITREへのリンク →

BlackByte

Score: 8.58

Matched TTPs:

T1562.010 - Downgrade Attack
T1027 - Obfuscated Files or Information
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Gamaredon Group

Score: 11.13

Matched TTPs:

T1562.010 - Downgrade Attack
T1086 - PowerShell
T1546.017 - Udev Rules

MITREへのリンク →

CURIUM

Score: 6.37

Matched TTPs:

T1205.001 - Port Knocking
T1547.008 - LSASS Driver

MITREへのリンク →

Storm-1811

Score: 8.71

Matched TTPs:

T1205.001 - Port Knocking
T1027 - Obfuscated Files or Information
T1547.008 - LSASS Driver

MITREへのリンク →

APT38

Score: 6.79

Matched TTPs:

T1027 - Obfuscated Files or Information
T1537 - Transfer Data to Cloud Account
T1027.007 - Dynamic API Resolution

MITREへのリンク →

INC Ransom

Score: 4.74

Matched TTPs:

T1027 - Obfuscated Files or Information
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Magic Hound

Score: 8.49

Matched TTPs:

T1027 - Obfuscated Files or Information
T1683 - Generate Content
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 10.84

Matched TTPs:

T1027 - Obfuscated Files or Information
T1027.007 - Dynamic API Resolution
T1055.015 - ListPlanting
T1490 - Inhibit System Recovery

MITREへのリンク →

Storm-0501

Score: 4.39

Matched TTPs:

T1027 - Obfuscated Files or Information
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Medusa Group

Score: 11.33

Matched TTPs:

T1027 - Obfuscated Files or Information
T1537 - Transfer Data to Cloud Account
T1027.007 - Dynamic API Resolution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

APT41

Score: 12.98

Matched TTPs:

T1027 - Obfuscated Files or Information
T1537 - Transfer Data to Cloud Account
T1668 - Exclusive Control
T1027.007 - Dynamic API Resolution
T1055.015 - ListPlanting

MITREへのリンク →

TA505

Score: 4.39

Matched TTPs:

T1027 - Obfuscated Files or Information
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

FIN8

Score: 5.09

Matched TTPs:

T1027 - Obfuscated Files or Information
T1556 - Modify Authentication Process

MITREへのリンク →

Moonstone Sleet

Score: 7.26

Matched TTPs:

T1027 - Obfuscated Files or Information
T1027.007 - Dynamic API Resolution
T1547.008 - LSASS Driver

MITREへのリンク →

Tropic Trooper

Score: 6.29

Matched TTPs:

T1683 - Generate Content
T1490 - Inhibit System Recovery

MITREへのリンク →

BITTER

Score: 3.62

Matched TTPs:

T1683 - Generate Content

MITREへのリンク →

TA2541

Score: 5.20

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1546.017 - Udev Rules

MITREへのリンク →

Dark Caracal

Score: 4.58

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1547.008 - LSASS Driver

MITREへのリンク →

APT39

Score: 7.38

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1027.007 - Dynamic API Resolution
T1569.002 - Service Execution

MITREへのリンク →

GALLIUM

Score: 4.80

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1668 - Exclusive Control

MITREへのリンク →

Threat Group-3390

Score: 5.20

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1546.017 - Udev Rules

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 7.06

Matched TTPs:

T1130 - Install Root Certificate
T1569.002 - Service Execution

MITREへのリンク →

Chimera

Score: 5.14

Matched TTPs:

T1668 - Exclusive Control
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Wizard Spider

Score: 7.89

Matched TTPs:

T1668 - Exclusive Control
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

FIN13

Score: 5.67

Matched TTPs:

T1668 - Exclusive Control
T1569.002 - Service Execution

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

Velvet Ant

Score: 7.99

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

OilRig

Score: 8.71

Matched TTPs:

T1055.015 - ListPlanting
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Turla

Score: 5.59

Matched TTPs:

T1569.002 - Service Execution
T1490 - Inhibit System Recovery

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.75

Matched TTPs:

T1547.008 - LSASS Driver
T1055.005 - Thread Local Storage
T1086 - PowerShell
T1055.015 - ListPlanting
T1071.005 - Publish/Subscribe Protocols
T1016.001 - Internet Connection Discovery
T1677 - Poisoned Pipeline Execution
T1569.002 - Service Execution
T1556 - Modify Authentication Process

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る