IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis specialists

     FQDNs, URLs, IP addresses, etc. are posted as they are

PlugX

【Indicator information】

■ Hash information (MD5) - PlugX -


(The hash information above is from Lac. Source: https://www.lac.co.jp/lacwatch/people/20170223_001224.html )


【Search】



【VT search】




【Public information】

◆ The relationship between the attacker group menuPass and the malware "Poison Ivy, PlugX, ChChes" (Lac, 2017/02/23)
https://www.lac.co.jp/lacwatch/people/20170223_001224.html