Trusted Design

MarsJoke Ransomware Mimics CTB-Locker

Overview

Ransomware in its various forms continues to make headlines as much for high-profile network disruptions as for the ubiquity of attacks among consumers. We recently noted the non-linear growth of ransomware variants and now a new type has emerged, dubbed MarsJoke. Proofpoint researchers originally spotted the MarsJoke ransomware in late August [1] by trawling through our repository of unknown malware. However, beginning on September 22, 2016, we detected the first large-scale email campaign distributing MarsJoke. This ongoing campaign appears to target primarily state and local government agencies and educational institutions in the United States. The targeting of state and local government agencies as well as the distribution methods are very similar to a CryptFile2 campaign we described in August [2]. Gary Warner’s blog also reported on this and similar campaigns, indicating that a well-known botnet, Kelihos, is responsible for distributing this spam [4][5][6].

Created: 2026-02-23

Indicators

Similar Pulses

Threat Actors Related to This Pulse (Fact-Based)

Kimsuky

Score: 18.18
Matched TTPs:
  • T1036.007 - Double File Extension
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1078.003 - Local Accounts

Mustang Panda

Score: 12.58
Matched TTPs:
  • T1036.007 - Double File Extension
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution

Mustard Tempest

Score: 11.05
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1608.006 - SEO Poisoning

HAFNIUM

Score: 10.13
Matched TTPs:
  • T1583.005 - Botnet
  • T1584.005 - Botnet
  • T1078.003 - Local Accounts

APT5

Score: 3.84
Matched TTPs:
  • T1583.005 - Botnet

Ke3chang

Score: 4.69
Matched TTPs:
  • T1583.005 - Botnet
  • T1588.002 - Tool

Sandworm Team

Score: 14.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution

TA2541

Score: 11.18
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1027.015 - Compression

Earth Lusca

Score: 5.28
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool

LuminousMoth

Score: 5.28
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool

OilRig

Score: 16.58
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

LazyScripter

Score: 4.43
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware

Gamaredon Group

Score: 10.51
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1001 - Data Obfuscation
  • T1027.015 - Compression

Threat Group-3390

Score: 7.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

TA505

Score: 7.62
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact

BlackByte

Score: 4.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact

BITTER

Score: 4.32
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

APT32

Score: 9.73
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

Saint Bear

Score: 3.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution

Moonstone Sleet

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Contagious Interview

Score: 7.87
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service

FIN7

Score: 7.83
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1078.003 - Local Accounts

EXOTIC LILY

Score: 5.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

APT42

Score: 5.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography

Ember Bear

Score: 7.80
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

LAPSUS$

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

APT1

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

Aquatic Panda

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

UNC3886

Score: 7.10
Matched TTPs:
  • T1588.001 - Malware
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution

Andariel

Score: 3.95
Matched TTPs:
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

Turla

Score: 9.13
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1078.003 - Local Accounts

BackdoorDiplomacy

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

Scattered Spider

Score: 8.17
Matched TTPs:
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact

Axiom

Score: 8.40
Matched TTPs:
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution

Volt Typhoon

Score: 4.47
Matched TTPs:
  • T1584.005 - Botnet
  • T1588.002 - Tool

INC Ransom

Score: 9.00
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1486 - Data Encrypted for Impact

Cinnamon Tempest

Score: 3.37
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool

FIN13

Score: 3.37
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool

Storm-0501

Score: 7.61
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact
  • T1218.010 - Regsvr32

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Akira

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact

Medusa Group

Score: 13.00
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1486 - Data Encrypted for Impact

Play

Score: 6.04
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

Inception

Score: 5.09
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution

Magic Hound

Score: 5.71
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

APT29

Score: 7.53
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
  • T1078.003 - Local Accounts

APT28

Score: 11.42
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1498 - Network Denial of Service
  • T1669 - Wi-Fi Networks

Storm-1811

Score: 5.71
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

APT41

Score: 4.68
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1203 - Exploitation for Client Execution

FIN8

Score: 5.94
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1573.002 - Asymmetric Cryptography

GALLIUM

Score: 4.00
Matched TTPs:
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools

FIN6

Score: 6.12
Matched TTPs:
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 5.49
Matched TTPs:
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution

Sea Turtle

Score: 8.29
Matched TTPs:
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

WIRTE

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

Cobalt Group

Score: 7.83
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography

Lazarus Group

Score: 9.00
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service

FIN10

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

APT38

Score: 3.19
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact

APT19

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

Blue Mockingbird

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1218.010 - Regsvr32

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1566 - Phishing

Deep Panda

Score: 5.90
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools
  • T1218.010 - Regsvr32

APT3

Score: 4.65
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution

Leviathan

Score: 7.39
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

Higaisa

Score: 4.65
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.015 - Compression

Tropic Trooper

Score: 6.91
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1078.003 - Local Accounts

Velvet Ant

Score: 5.41
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1078.003 - Local Accounts

Molerats

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat Actors Related to This Pulse (Inference-Based)

Kimsuky

Score: 0.82
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1218.010 - Regsvr32
  • T1078.003 - Local Accounts
  • T1566 - Phishing
  • T1608.001 - Upload Malware
  • T1036.007 - Double File Extension

OilRig

Score: 0.74
Matched TTPs:
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise

Sandworm Team

Score: 0.67
Matched TTPs:
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise

Medusa Group

Score: 0.67
Matched TTPs:
  • T1657 - Financial Theft
  • T1573.002 - Asymmetric Cryptography
  • T1588.002 - Tool
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access

Mustang Panda

Score: 0.59
Matched TTPs:
  • T1588.002 - Tool
  • T1027.007 - Dynamic API Resolution
  • T1203 - Exploitation for Client Execution
  • T1608.001 - Upload Malware
  • T1036.007 - Double File Extension

Mustard Tempest

Score: 0.59
Matched TTPs:
  • T1608.006 - SEO Poisoning
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware

APT28

Score: 0.57
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1588.002 - Tool
  • T1669 - Wi-Fi Networks
  • T1498 - Network Denial of Service

Related CVEs

No CVEs were found in this Pulse.
