An Empirical Study of Key Generation in Cryptographic Ransomware

Transcript

1. An Empirical Study of Key Generation in Cryptographic Ransomware Pranshu

   Bajpai and Richard Enbody Michigan State University IEEE Cyber Security 2020 June 17th, 2020

2. Introduction • Cryptographic ransomware require secure key generation • Variety

   of key generation routines have been observed in the wild • A systematic study of key generation procedures is necessary to identify critical characteristics of novel ransomware: • RNG used in key creation • API used for key generation • Key generation site: local versus remote • Key type: standard versus custom algorithms • Key recoverability: vulnerability of the generation procedure • Single key versus multi-key file encryption 2

3. Primary Key Generation Strategies 3 Static Key Dynamic Key Asymmetric

   Key Symmetric Key Dynamic Key Static Key Standard CryptoAPI Ephemeral Data Statically Bound Libraries Non-crypto RNGs Network-based Key Core Generation Logic

4. 4 Fig: Static asymmetric key Fig: Dynamically-generated symmetric key

5. 5 Func _crypt_encryptfile($ssourcefile, $sdestinationfile, $vcryptkey, $ialg_id) ... $vcryptkey = _crypt_derivekey($vcryptkey,

   $ialg_id) ... For $i = 1 To $y[0] Step +1 If NOT StringInStr($y[$i], "Lock.") Then $dd1 = StringReplace($y[$i], "Fixed.", "") _crypt_encryptfile(@DesktopDir & "/" & $y[$i], @DesktopDir & "/Lock." & $dd1, "888", $calg_des) FileDelete(@DesktopDir & "/" & $y[$i]) EndIf Next Fig: Static symmetric key in AutoIT ransomware Fig: Dynamically-generated symmetric key in NotPetya

6. 6 function GenerateKey() { $key[1] = $_SERVER["DOCUMENT_ROOT"]; $key[2] = $_SERVER['SERVER_NAME'];

   $key[3] = $key[1] . "Y" . $key[2] . "K" . date('Y/m/d') . "B" . date('d-/Y:m') . "H" . date('Y-Y-Y'); $key[4] = substr(md5(urlencode(md5( gzcompress(md5(base64_encode(md5 (sha1("wh0#$c@$%^&nd3$@#@!cr8//> yP^&*t1t5- $"%.$key[3])))))))),0,25); return $key[4]; } Fig: Key generation with ephemeral data in kimcilware Fig: Key derivation from a password string

7. Result 7 Ransomware Year Key Generation Wannacry 2017 D GPCode

   2006 A Paradise 2017 B JigSaw 2016 C NotPetya 2017 D Cerber 2016 D Kimcilware 2016 E CryptoWall 2014 H Key Generation CS? OV? Notation Static asymmetric key ✔  A Dynamic asymmetric key ✔  B Static symmetric key  ✔ C -Dynamic using CryptoAPI ✔ ✔ D -Dynamic using ephemeral data?  ✔ E -Dynamic using static libraries ✔ ✔ F -Dynamic using random generators  ✔ G Network key (attacker’s domain) ✔  H

8. Identifying Key Characteristics in Novel Ransomware • Encryption key: Network

   or host? • Encryption algorithms: Standard or custom? • Key generation: Static or dynamic? • Bulk encryption: Symmetric or asymmetric? • Key persistence: Secure or vulnerable? • Key material: Cryptographically-secure or vulnerable? • Cryptographic library: Static or dynamic? • Independence: Involvement of the C&C server? • Encryption key: Single or multiple (one-per-file)? 6/9/2020 8

9. Conclusion • Cryptographically weak key generation models continue to appear

   in recent variants • Complexity of key management (and associated implementation errors) allows us to provide decryptors for certain variants • Particularly ineffective variants will be gradually replaced with stronger models • High-level APIs will continue to be leveraged by the attackers

10. Thank You @amirootyet www.amirootyet.com