Trusted Design

TeslaCrypt 2.0: Cyber Crime Malware Behavior

概要

TeslaCrypt/AlphaCrypt uses AES256 encryption. The AES key is generated using a SHA256 hash and due to the keys being stored on the infected machine, victims in many cases could likely decrypt files without paying the ransom. • The newest variant, TeslaCrypt 2.0, uses the same encryption algorithm; however, the keys and other configuration data are stored in the Windows Registry instead of a file on the local disk (as in previous versions). This version masquerades as CryptoWall. • The command and control (C&C) communications for new variants use the same AES256 encryption for any traffic to the attacker’s server; in previous variants, only Base64 encoding was used.

Created: 2026-02-23

Indicators

類似Pulses

NUCLEAR EK FROM 162.247.14.156 SENDS TESLACRYPT 2.0 (score: 0.92)
Threat Spotlight: TeslaCrypt (score: 0.73)
TeslaCrypt Ransomware (score: 0.72)
TeslaCrypt C2 Communication (score: 0.72)
New TeslaCrypt version (score: 0.67)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 8.30

Matched TTPs:

T1560.003 - Archive via Custom Method
T1569.002 - Service Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Mustang Panda

Score: 16.18

Matched TTPs:

T1560.003 - Archive via Custom Method
T1573.001 - Symmetric Cryptography
T1070 - Indicator Removal
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Kimsuky

Score: 10.62

Matched TTPs:

T1560.003 - Archive via Custom Method
T1027.002 - Software Packing
T1550.002 - Pass the Hash
T1078.003 - Local Accounts

MITREへのリンク →

UNC3886

Score: 6.59

Matched TTPs:

T1560.003 - Archive via Custom Method
T1008 - Fallback Channels

MITREへのリンク →

Lotus Blossom

Score: 6.08

Matched TTPs:

T1560.003 - Archive via Custom Method
T1090.001 - Internal Proxy

MITREへのリンク →

Lazarus Group

Score: 26.68

Matched TTPs:

T1560.003 - Archive via Custom Method
T1573.001 - Symmetric Cryptography
T1070 - Indicator Removal
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1090.001 - Internal Proxy
T1561.001 - Disk Content Wipe
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1583.008 - Malvertising

MITREへのリンク →

ZIRCONIUM

Score: 4.58

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1027.002 - Software Packing

MITREへのリンク →

Volt Typhoon

Score: 7.50

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1027.002 - Software Packing
T1090.001 - Internal Proxy

MITREへのリンク →

Contagious Interview

Score: 9.11

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1480 - Execution Guardrails
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Higaisa

Score: 8.60

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1090.001 - Internal Proxy
T1027.015 - Compression

MITREへのリンク →

APT33

Score: 5.27

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT28

Score: 13.65

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1550.002 - Pass the Hash
T1137.002 - Office Test

MITREへのリンク →

BRONZE BUTLER

Score: 6.37

Matched TTPs:

T1573.001 - Symmetric Cryptography
T1550.003 - Pass the Ticket

MITREへのリンク →

APT42

Score: 3.62

Matched TTPs:

T1070 - Indicator Removal

MITREへのリンク →

APT5

Score: 3.62

Matched TTPs:

T1070 - Indicator Removal

MITREへのリンク →

APT29

Score: 12.19

Matched TTPs:

T1550.003 - Pass the Ticket
T1573 - Encrypted Channel
T1027.002 - Software Packing
T1078.003 - Local Accounts

MITREへのリンク →

APT32

Score: 14.40

Matched TTPs:

T1550.003 - Pass the Ticket
T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1078.003 - Local Accounts

MITREへのリンク →

BlackByte

Score: 8.58

Matched TTPs:

T1480 - Execution Guardrails
T1486 - Data Encrypted for Impact
T1569.002 - Service Execution

MITREへのリンク →

Gamaredon Group

Score: 11.13

Matched TTPs:

T1480 - Execution Guardrails
T1561.001 - Disk Content Wipe
T1027.015 - Compression

MITREへのリンク →

CURIUM

Score: 3.84

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol

MITREへのリンク →

Storm-1811

Score: 6.19

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1486 - Data Encrypted for Impact

MITREへのリンク →

APT38

Score: 6.79

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1569.002 - Service Execution

MITREへのリンク →

INC Ransom

Score: 4.74

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution

MITREへのリンク →

Magic Hound

Score: 5.96

Matched TTPs:

T1486 - Data Encrypted for Impact
T1573 - Encrypted Channel

MITREへのリンク →

FIN7

Score: 10.84

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution
T1008 - Fallback Channels
T1078.003 - Local Accounts

MITREへのリンク →

Storm-0501

Score: 4.39

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing

MITREへのリンク →

Medusa Group

Score: 11.33

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1569.002 - Service Execution
T1218.014 - MMC

MITREへのリンク →

APT41

Score: 17.11

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing
T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1480.001 - Environmental Keying
T1008 - Fallback Channels

MITREへのリンク →

TA505

Score: 4.39

Matched TTPs:

T1486 - Data Encrypted for Impact
T1027.002 - Software Packing

MITREへのリンク →

FIN8

Score: 5.09

Matched TTPs:

T1486 - Data Encrypted for Impact
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Moonstone Sleet

Score: 4.74

Matched TTPs:

T1486 - Data Encrypted for Impact
T1569.002 - Service Execution

MITREへのリンク →

Tropic Trooper

Score: 6.29

Matched TTPs:

T1573 - Encrypted Channel
T1078.003 - Local Accounts

MITREへのリンク →

BITTER

Score: 3.62

Matched TTPs:

T1573 - Encrypted Channel

MITREへのリンク →

TA2541

Score: 5.20

Matched TTPs:

T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

APT39

Score: 7.38

Matched TTPs:

T1027.002 - Software Packing
T1569.002 - Service Execution
T1090.001 - Internal Proxy

MITREへのリンク →

GALLIUM

Score: 4.80

Matched TTPs:

T1027.002 - Software Packing
T1550.002 - Pass the Hash

MITREへのリンク →

Threat Group-3390

Score: 5.20

Matched TTPs:

T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

Chimera

Score: 5.14

Matched TTPs:

T1550.002 - Pass the Hash
T1569.002 - Service Execution

MITREへのリンク →

Wizard Spider

Score: 7.89

Matched TTPs:

T1550.002 - Pass the Hash
T1569.002 - Service Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN13

Score: 5.67

Matched TTPs:

T1550.002 - Pass the Hash
T1090.001 - Internal Proxy

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

Velvet Ant

Score: 7.99

Matched TTPs:

T1569.002 - Service Execution
T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1480.001 - Environmental Keying

MITREへのリンク →

OilRig

Score: 6.19

Matched TTPs:

T1008 - Fallback Channels
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Turla

Score: 5.59

Matched TTPs:

T1090.001 - Internal Proxy
T1078.003 - Local Accounts

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.77

Matched TTPs:

T1090.001 - Internal Proxy
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1573.001 - Symmetric Cryptography
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1070 - Indicator Removal
T1561.001 - Disk Content Wipe
T1560.003 - Archive via Custom Method

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る