IoC (TT Malware Log)

Malware IoC (Indicator) information

◆Caution◆ Site for malware analysis experts

     FQDNs, URLs, IP addresses, etc. are posted as they are

Backoff (2014/11/25)

【Indicator information】

■Hash information (Sha256) - Backoff -


(The above is from Trend Micro: http://blog.trendmicro.co.jp/archives/10409 )


■URL information


(The above is from Trend Micro: http://blog.trendmicro.co.jp/archives/10409 )


【Search】


【VT search】



【Blog】

◆Thorough analysis of the tools used by attackers targeting POS systems (Trendmicro, 2014/11/25)
http://blog.trendmicro.co.jp/archives/10409
https://malware-log.hatenablog.com/entry/2014/11/25/000000_2