Trusted Design

CRYPTOWALL 4 - THE EVOLUTION CONTINUES

概要

Over the past year, Talos has devoted a significant amount of time to better understanding how ransomware operates, its relation to other malware, and its economic impact. This research has proven valuable for Talos and led the development of better detection methods within the products we support along with the disruption of adversarial operations. CryptoWall is one ransomware variant that has shown gradual evolution over the past year with CryptoWall 2 and Cryptowall 3. Despite global efforts to detect and disrupt the distribution of CryptoWall, adversaries have continued to innovate and evolve their craft, leading to the release of CryptoWall 4. In order to ensure we have the most effective detection possible, Talos reverse engineered CryptoWall 4 to better understand its execution, behavior, deltas from previous versions and share our research and findings with the community.

Created: 2026-02-23

Indicators

• URL - http://theGinGod.com/HS0ILJ.php -
• FileHash-SHA256 - 299b298b433d1cc130f699e2b5c2d1cb3c7e5eb6dd8a5c494a8c5022eafa9223 -
• URL - http://frc-pr.com/dA91lI.php -
• URL - http://successafter60.com/iCqjno.php -
• URL - http://httthanglong.com/yzoLR7.php -
• URL - http://myshop.lk/6872VF.php -
• URL - http://localburialinsuranceinfo.com/zDJRc8.phpsmfinternational.com/AYNILr.php -
• URL - http://purposenowacademy.com/5_YQDI -
• URL - http://manisidhu.in/zJE0fD.php -
• URL - http://successafter60.com/r_kfhH -
• URL - http://mycampusjuice.com/z9r0qh.php -
• URL - http://alltimefacts.com/EiFSId.php -
• URL - http://lexscheep.com/OIsSCj.php -
• FileHash-SHA256 - bf352825a70685039401abde5daf1712fd968d6eee233ea72393cbc6faffe5a2 -
• URL - http://shrisaisales.in/ZUQce4.php -
• URL - http://posrednik-china.com/etdhIk.php -
• URL - http://mabawamathare.org/WEAbCT.php -
• URL - http://ks0407.com/VoZQ_j -
• URL - http://ainahanaudoula.com/GH09Dp.php -
• URL - http://yahoosupportaustralia.com/8gX7hN.php -
• URL - http://stwholesaleinc.com/yL54uH.php -
• URL - http://adcconsulting.net/XEGeuI.php -
• URL - http://smfinternational.com/eRs70a.php -
• URL - http://kingalter.com/uVRfPv.php -
• URL - http://cjforudesigns.com/E8B2gt.php -
• FileHash-SHA256 - 2d04d2a43e1d5a6920a806d8086da9c47f90e1cd25aa99b95af182ee9e1960b3 -
• FileHash-SHA256 - 3a73bb154506d8a9a3f4f658bac9a8b38d7590d296496e843503323d5f9b7801 -
• URL - http://abelindia.com/1LaXd8.php -
• URL - http://parsimaj.com/60wEBT.php -
• URL - http://csscott.com/YuF59b.php -

類似Pulses

• CryptoWall v4 Emerges Days After Cyber Threat Alliance Report (score: 0.81)
• Cryptowall Spam: My Resume Protects All Your Files (score: 0.79)
• CryptoDefense Ransomeware (score: 0.72)
• CryptXXX: New Ransomware From the Actors Behind Reveton (score: 0.72)
• Ransomware: CryptoWall (score: 0.71)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る