Trusted Design

MarsJoke Ransomware Mimics CTB-Locker

概要

Ransomware in its various forms continues to make headlines as much for high-profile network disruptions as for the ubiquity of attacks among consumers. We recently noted the non-linear growth of ransomware variants and now a new type has emerged, dubbed MarsJoke. Proofpoint researchers originally spotted the MarsJoke ransomware in late August [1] by trawling through our repository of unknown malware. However, beginning on September 22, 2016, we detected the first large-scale email campaign distributing MarsJoke. This ongoing campaign appears to target primarily state and local government agencies and educational institutions in the United States. The targeting of state and local government agencies as well as the distribution methods are very similar to a CryptFile2 campaign we described in August [2]. Gary Warners’s blog also reported on this and similar campaigns, indicating that a well-known botnet, Kelihos, is responsible for distributing this spam [4][5][6].

Created: 2026-02-23

Indicators

類似Pulses

CryptFile2 Ransomware Returns in High Volume URL Campaigns (score: 0.79)
Ransomware - CryptFile2 (score: 0.77)
Cryptowall Spam: My Resume Protects All Your Files (score: 0.76)
FakeGlobe and Cerber Ransomware: Sneaking under the radar while WeCry (score: 0.74)
CryptoApp ransomware: changes & active campaign (score: 0.73)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 18.18

Matched TTPs:

T1053.007 - Container Orchestration Job
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1027.014 - Polymorphic Code
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustang Panda

Score: 12.58

Matched TTPs:

T1053.007 - Container Orchestration Job
T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1055.005 - Thread Local Storage

MITREへのリンク →

Mustard Tempest

Score: 11.05

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media
T1543.002 - Systemd Service

MITREへのリンク →

HAFNIUM

Score: 10.13

Matched TTPs:

T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery
T1490 - Inhibit System Recovery

MITREへのリンク →

APT5

Score: 3.84

Matched TTPs:

T1027.008 - Stripped Payloads

MITREへのリンク →

Ke3chang

Score: 4.69

Matched TTPs:

T1027.008 - Stripped Payloads
T1199 - Trusted Relationship

MITREへのリンク →

Sandworm Team

Score: 14.12

Matched TTPs:

T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1049 - System Network Connections Discovery
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1218.010 - Regsvr32

MITREへのリンク →

TA2541

Score: 11.18

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1128 - Netsh Helper DLL
T1546.017 - Udev Rules

MITREへのリンク →

Earth Lusca

Score: 5.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

LuminousMoth

Score: 5.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

OilRig

Score: 16.58

Matched TTPs:

T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1199 - Trusted Relationship
T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver

MITREへのリンク →

LazyScripter

Score: 4.43

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account

MITREへのリンク →

Gamaredon Group

Score: 10.51

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1061 - Graphical User Interface
T1546.017 - Udev Rules

MITREへのリンク →

Threat Group-3390

Score: 7.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1546.017 - Udev Rules

MITREへのリンク →

TA505

Score: 7.62

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information

MITREへのリンク →

BlackByte

Score: 4.31

Matched TTPs:

T1091 - Replication Through Removable Media
T1027 - Obfuscated Files or Information

MITREへのリンク →

BITTER

Score: 4.32

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1218.010 - Regsvr32

MITREへのリンク →

APT32

Score: 9.73

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1218.010 - Regsvr32

MITREへのリンク →

Moonstone Sleet

Score: 6.84

Matched TTPs:

T1091 - Replication Through Removable Media
T1027 - Obfuscated Files or Information
T1547.008 - LSASS Driver

MITREへのリンク →

Contagious Interview

Score: 7.87

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1199 - Trusted Relationship
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 7.83

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1490 - Inhibit System Recovery

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

APT42

Score: 5.57

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1128 - Netsh Helper DLL

MITREへのリンク →

Ember Bear

Score: 7.80

Matched TTPs:

T1005 - Data from Local System
T1136.002 - Domain Account
T1218.010 - Regsvr32

MITREへのリンク →

LAPSUS$

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

APT1

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Aquatic Panda

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

UNC3886

Score: 7.10

Matched TTPs:

T1136.002 - Domain Account
T1059.004 - Unix Shell
T1218.010 - Regsvr32

MITREへのリンク →

Andariel

Score: 3.95

Matched TTPs:

T1136.002 - Domain Account
T1218.010 - Regsvr32

MITREへのリンク →

Turla

Score: 9.13

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1059.004 - Unix Shell
T1490 - Inhibit System Recovery

MITREへのリンク →

BackdoorDiplomacy

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Scattered Spider

Score: 8.17

Matched TTPs:

T1136.002 - Domain Account
T1552.003 - Shell History
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information

MITREへのリンク →

Axiom

Score: 8.40

Matched TTPs:

T1049 - System Network Connections Discovery
T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32

MITREへのリンク →

Volt Typhoon

Score: 4.47

Matched TTPs:

T1049 - System Network Connections Discovery
T1199 - Trusted Relationship

MITREへのリンク →

INC Ransom

Score: 9.00

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1027 - Obfuscated Files or Information

MITREへのリンク →

Cinnamon Tempest

Score: 3.37

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

FIN13

Score: 3.37

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Storm-0501

Score: 7.61

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information
T1027.014 - Polymorphic Code

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

Medusa Group

Score: 13.00

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1128 - Netsh Helper DLL
T1598 - Phishing for Information

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1027 - Obfuscated Files or Information

MITREへのリンク →

Play

Score: 6.04

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship
T1490 - Inhibit System Recovery

MITREへのリンク →

Inception

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32

MITREへのリンク →

Magic Hound

Score: 5.71

Matched TTPs:

T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1547.008 - LSASS Driver

MITREへのリンク →

APT29

Score: 7.53

Matched TTPs:

T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

APT28

Score: 11.42

Matched TTPs:

T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1146 - Clear Command History
T1546.007 - Netsh Helper DLL

MITREへのリンク →

Storm-1811

Score: 5.71

Matched TTPs:

T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1547.008 - LSASS Driver

MITREへのリンク →

APT41

Score: 4.68

Matched TTPs:

T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1218.010 - Regsvr32

MITREへのリンク →

FIN8

Score: 5.94

Matched TTPs:

T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information
T1128 - Netsh Helper DLL

MITREへのリンク →

GALLIUM

Score: 4.00

Matched TTPs:

T1199 - Trusted Relationship
T1059.004 - Unix Shell

MITREへのリンク →

FIN6

Score: 6.12

Matched TTPs:

T1199 - Trusted Relationship
T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver

MITREへのリンク →

Patchwork

Score: 5.49

Matched TTPs:

T1199 - Trusted Relationship
T1059.004 - Unix Shell
T1218.010 - Regsvr32

MITREへのリンク →

Sea Turtle

Score: 8.29

Matched TTPs:

T1199 - Trusted Relationship
T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

WIRTE

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

Cobalt Group

Score: 7.83

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL

MITREへのリンク →

Lazarus Group

Score: 9.00

Matched TTPs:

T1199 - Trusted Relationship
T1218.010 - Regsvr32
T1055.005 - Thread Local Storage
T1547.008 - LSASS Driver

MITREへのリンク →

FIN10

Score: 3.52

Matched TTPs:

T1199 - Trusted Relationship
T1490 - Inhibit System Recovery

MITREへのリンク →

APT38

Score: 3.19

Matched TTPs:

T1199 - Trusted Relationship
T1027 - Obfuscated Files or Information

MITREへのリンク →

APT19

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

Blue Mockingbird

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Deep Panda

Score: 5.90

Matched TTPs:

T1059.004 - Unix Shell
T1027.014 - Polymorphic Code

MITREへのリンク →

APT3

Score: 4.65

Matched TTPs:

T1059.004 - Unix Shell
T1218.010 - Regsvr32

MITREへのリンク →

Leviathan

Score: 7.39

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1546.017 - Udev Rules

MITREへのリンク →

Higaisa

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1546.017 - Udev Rules

MITREへのリンク →

Tropic Trooper

Score: 6.91

Matched TTPs:

T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery

MITREへのリンク →

Velvet Ant

Score: 5.41

Matched TTPs:

T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1546.017 - Udev Rules

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.82

Matched TTPs:

T1552.003 - Shell History
T1053.007 - Container Orchestration Job
T1490 - Inhibit System Recovery
T1199 - Trusted Relationship
T1091 - Replication Through Removable Media
T1562.013 - Disable or Modify Network Device Firewall
T1027.014 - Polymorphic Code

MITREへのリンク →

OilRig

Score: 0.74

Matched TTPs:

T1547.008 - LSASS Driver
T1059.004 - Unix Shell
T1005 - Data from Local System
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1199 - Trusted Relationship
T1091 - Replication Through Removable Media

MITREへのリンク →

Sandworm Team

Score: 0.67

Matched TTPs:

T1049 - System Network Connections Discovery
T1005 - Data from Local System
T1027 - Obfuscated Files or Information
T1218.010 - Regsvr32
T1199 - Trusted Relationship
T1091 - Replication Through Removable Media

MITREへのリンク →

Medusa Group

Score: 0.67

Matched TTPs:

T1598 - Phishing for Information
T1552.003 - Shell History
T1027 - Obfuscated Files or Information
T1128 - Netsh Helper DLL
T1199 - Trusted Relationship

MITREへのリンク →

Mustang Panda

Score: 0.59

Matched TTPs:

T1055.005 - Thread Local Storage
T1053.007 - Container Orchestration Job
T1218.010 - Regsvr32
T1199 - Trusted Relationship
T1091 - Replication Through Removable Media

MITREへのリンク →

Mustard Tempest

Score: 0.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1543.002 - Systemd Service
T1682 - Query Public AI Services

MITREへのリンク →

APT28

Score: 0.57

Matched TTPs:

T1146 - Clear Command History
T1218.010 - Regsvr32
T1546.007 - Netsh Helper DLL
T1199 - Trusted Relationship

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る