IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis specialists

     FQDNs, URLs, IP addresses, etc. are posted as they are

Locky & Fakeglobe

【Indicator information】

■Hash information (SHA256) - Fakeglobe -


(The above is information from Trendmicro; source: http://blog.trendmicro.co.jp/archives/16089 )


■Hash information (SHA256) - Locky -

3cb4484976676ac043fae870addaa57e858c1286cdb17d01ef8c973c5ec5b015

(The above is information from Trendmicro; source: http://blog.trendmicro.co.jp/archives/16089 )


【Search】



【VT search】




【Blog】

◆Spam email campaign confirmed alternately distributing two ransomware families, "LOCKY" and "FAKEGLOBE" (Trendmicro, 2017/10/10)
http://blog.trendmicro.co.jp/archives/16089