Trusted Design

CryptoWall v4 Emerges Days After Cyber Threat Alliance Report

概要

Beginning on October 30, 2015, Palo Alto Networks began seeing instances of this new version of CryptoWall, which some researchers have begun calling version 4. This new version CryptoWall includes multiple updates, such as a more streamlined network communication channel, modified ransom message, and the encryption of filenames. These changes not only make it more difficult for the victim to identify what files have been encrypted, but also may thwart security protections currently in place for the CryptoWall threat. CryptoWall is a type of malware known as ransomware, which encrypts a victim’s files and subsequently demands payment in exchange for the decryption key. The ransom payment is typically collected using a form of crypto-currency, such as Bitcoin. Ransomware has been responsible for many millions of dollars in damages, and CryptoWall is one of the most lucrative ransomware families in use today.

Created: 2026-02-23

Indicators

類似Pulses

Ransomware: CryptoWall (score: 0.83)
CRYPTOWALL 4 - THE EVOLUTION CONTINUES (score: 0.81)
CryptoDefense Ransomeware (score: 0.75)
CryptXXX Ransomware Learns the Samba, Other New Tricks (score: 0.72)
Cryptowall Spam: My Resume Protects All Your Files (score: 0.72)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 21.26

Matched TTPs:

T1036.007 - Double File Extension
T1560.003 - Archive via Custom Method
T1608.001 - Upload Malware
T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1041 - Exfiltration Over C2 Channel
T1114.002 - Remote Email Collection
T1218.010 - Regsvr32

MITREへのリンク →

Mustang Panda

Score: 15.36

Matched TTPs:

T1036.007 - Double File Extension
T1560.003 - Archive via Custom Method
T1608.001 - Upload Malware
T1041 - Exfiltration Over C2 Channel
T1027.007 - Dynamic API Resolution

MITREへのリンク →

FIN6

Score: 10.59

Matched TTPs:

T1560.003 - Archive via Custom Method
T1560 - Archive Collected Data
T1036.004 - Masquerade Task or Service
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

UNC3886

Score: 11.28

Matched TTPs:

T1560.003 - Archive via Custom Method
T1036.004 - Masquerade Task or Service
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

Lotus Blossom

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Lazarus Group

Score: 19.98

Matched TTPs:

T1560.003 - Archive via Custom Method
T1560 - Archive Collected Data
T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

Sandworm Team

Score: 6.29

Matched TTPs:

T1608.001 - Upload Malware
T1041 - Exfiltration Over C2 Channel
T1486 - Data Encrypted for Impact

MITREへのリンク →

TA2541

Score: 7.87

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography
T1027.015 - Compression

MITREへのリンク →

LuminousMoth

Score: 6.54

Matched TTPs:

T1608.001 - Upload Malware
T1560 - Archive Collected Data
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1608.001 - Upload Malware
T1608.006 - SEO Poisoning

MITREへのリンク →

OilRig

Score: 8.16

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography
T1008 - Fallback Channels

MITREへのリンク →

Gamaredon Group

Score: 15.48

Matched TTPs:

T1608.001 - Upload Malware
T1480 - Execution Guardrails
T1041 - Exfiltration Over C2 Channel
T1001 - Data Obfuscation
T1027.015 - Compression

MITREへのリンク →

Star Blizzard

Score: 4.64

Matched TTPs:

T1608.001 - Upload Malware
T1114.002 - Remote Email Collection

MITREへのリンク →

Threat Group-3390

Score: 5.12

Matched TTPs:

T1608.001 - Upload Malware
T1027.015 - Compression

MITREへのリンク →

TA505

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact

MITREへのリンク →

BlackByte

Score: 12.72

Matched TTPs:

T1608.001 - Upload Malware
T1560 - Archive Collected Data
T1480 - Execution Guardrails
T1041 - Exfiltration Over C2 Channel
T1486 - Data Encrypted for Impact

MITREへのリンク →

BITTER

Score: 7.69

Matched TTPs:

T1608.001 - Upload Malware
T1036.004 - Masquerade Task or Service
T1573 - Encrypted Channel

MITREへのリンク →

APT32

Score: 15.22

Matched TTPs:

T1608.001 - Upload Malware
T1560 - Archive Collected Data
T1550.003 - Pass the Ticket
T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel
T1218.010 - Regsvr32

MITREへのリンク →

Moonstone Sleet

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact

MITREへのリンク →

Contagious Interview

Score: 10.31

Matched TTPs:

T1608.001 - Upload Malware
T1657 - Financial Theft
T1480 - Execution Guardrails
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

FIN7

Score: 12.44

Matched TTPs:

T1608.001 - Upload Malware
T1036.004 - Masquerade Task or Service
T1486 - Data Encrypted for Impact
T1008 - Fallback Channels
T1124 - System Time Discovery

MITREへのリンク →

APT42

Score: 4.72

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Dragonfly

Score: 8.88

Matched TTPs:

T1560 - Archive Collected Data
T1114.002 - Remote Email Collection
T1036.010 - Masquerade Account Name

MITREへのリンク →

APT28

Score: 17.77

Matched TTPs:

T1560 - Archive Collected Data
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1114.002 - Remote Email Collection
T1669 - Wi-Fi Networks
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Ke3chang

Score: 7.23

Matched TTPs:

T1560 - Archive Collected Data
T1041 - Exfiltration Over C2 Channel
T1114.002 - Remote Email Collection

MITREへのリンク →

Leviathan

Score: 10.46

Matched TTPs:

T1560 - Archive Collected Data
T1041 - Exfiltration Over C2 Channel
T1218.010 - Regsvr32
T1027.015 - Compression

MITREへのリンク →

Scattered Spider

Score: 10.97

Matched TTPs:

T1580 - Cloud Infrastructure Discovery
T1657 - Financial Theft
T1041 - Exfiltration Over C2 Channel
T1486 - Data Encrypted for Impact

MITREへのリンク →

Storm-0501

Score: 13.84

Matched TTPs:

T1580 - Cloud Infrastructure Discovery
T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1218.010 - Regsvr32

MITREへのリンク →

APT29

Score: 10.13

Matched TTPs:

T1550.003 - Pass the Ticket
T1114.002 - Remote Email Collection
T1573 - Encrypted Channel

MITREへのリンク →

BRONZE BUTLER

Score: 6.44

Matched TTPs:

T1550.003 - Pass the Ticket
T1124 - System Time Discovery

MITREへのリンク →

FIN13

Score: 4.62

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft

MITREへのリンク →

Winter Vivern

Score: 4.07

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Wizard Spider

Score: 4.07

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

ZIRCONIUM

Score: 6.66

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel
T1124 - System Time Discovery

MITREへのリンク →

Magic Hound

Score: 14.35

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1114.002 - Remote Email Collection
T1486 - Data Encrypted for Impact
T1573 - Encrypted Channel
T1036.010 - Masquerade Account Name

MITREへのリンク →

Higaisa

Score: 9.81

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1041 - Exfiltration Over C2 Channel
T1124 - System Time Discovery
T1027.015 - Compression

MITREへのリンク →

APT41

Score: 7.88

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1486 - Data Encrypted for Impact
T1008 - Fallback Channels

MITREへのリンク →

INC Ransom

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Medusa Group

Score: 16.69

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact
T1573.002 - Asymmetric Cryptography
T1650 - Acquire Access
T1218.014 - MMC

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

CURIUM

Score: 8.41

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1041 - Exfiltration Over C2 Channel
T1124 - System Time Discovery

MITREへのリンク →

Storm-1811

Score: 9.81

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1486 - Data Encrypted for Impact
T1036.010 - Masquerade Account Name

MITREへのリンク →

Chimera

Score: 7.23

Matched TTPs:

T1041 - Exfiltration Over C2 Channel
T1114.002 - Remote Email Collection
T1124 - System Time Discovery

MITREへのリンク →

APT3

Score: 5.59

Matched TTPs:

T1041 - Exfiltration Over C2 Channel
T1036.010 - Masquerade Account Name

MITREへのリンク →

FIN8

Score: 5.09

Matched TTPs:

T1486 - Data Encrypted for Impact
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Tropic Trooper

Score: 6.37

Matched TTPs:

T1573 - Encrypted Channel
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Cobalt Group

Score: 5.49

Matched TTPs:

T1218.010 - Regsvr32
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Velvet Ant

Score: 6.88

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1560.003 - Archive via Custom Method
T1608.001 - Upload Malware
T1114.002 - Remote Email Collection
T1218.010 - Regsvr32
T1036.007 - Double File Extension
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Lazarus Group

Score: 0.75

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1008 - Fallback Channels
T1560.003 - Archive via Custom Method
T1027.007 - Dynamic API Resolution
T1560 - Archive Collected Data
T1124 - System Time Discovery
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Medusa Group

Score: 0.70

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1218.014 - MMC
T1657 - Financial Theft
T1650 - Acquire Access
T1486 - Data Encrypted for Impact

MITREへのリンク →

APT28

Score: 0.66

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1211 - Exploitation for Defense Evasion
T1114.002 - Remote Email Collection
T1560 - Archive Collected Data
T1669 - Wi-Fi Networks

MITREへのリンク →

Storm-0501

Score: 0.64

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1218.010 - Regsvr32
T1486 - Data Encrypted for Impact
T1580 - Cloud Infrastructure Discovery

MITREへのリンク →

Gamaredon Group

Score: 0.61

Matched TTPs:

T1480 - Execution Guardrails
T1001 - Data Obfuscation
T1027.015 - Compression
T1608.001 - Upload Malware
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Mustang Panda

Score: 0.59

Matched TTPs:

T1560.003 - Archive via Custom Method
T1608.001 - Upload Malware
T1027.007 - Dynamic API Resolution
T1036.007 - Double File Extension
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

BlackByte

Score: 0.59

Matched TTPs:

T1480 - Execution Guardrails
T1608.001 - Upload Malware
T1560 - Archive Collected Data
T1486 - Data Encrypted for Impact
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

APT32

Score: 0.59

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1550.003 - Pass the Ticket
T1608.001 - Upload Malware
T1218.010 - Regsvr32
T1560 - Archive Collected Data
T1041 - Exfiltration Over C2 Channel

MITREへのリンク →

Magic Hound

Score: 0.57

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1573 - Encrypted Channel
T1114.002 - Remote Email Collection
T1486 - Data Encrypted for Impact
T1036.010 - Masquerade Account Name

MITREへのリンク →

FIN7

Score: 0.57

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1008 - Fallback Channels
T1608.001 - Upload Malware
T1486 - Data Encrypted for Impact
T1124 - System Time Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る