IoC (TT Malware Log)

Malware IoC (Indicator) information

◆Caution◆ Site for malware analysis experts

     FQDNs, URLs, IP addresses, etc. are posted as they are

Daserf (written in Delphi)

【Indicator information】

■Hash information (SHA256) - Daserf (written in Delphi) -
(The above is information from SecureWorks (Dell); source: https://www.secureworks.com/research/bronze-butler-targets-japanese-businesses )


■IP addresses - Daserf (written in Delphi) C2 server -


(The above is information from SecureWorks (Dell); source: https://www.secureworks.com/research/bronze-butler-targets-japanese-businesses )


【Search】



【VT search】





【Blog】

◆BRONZE BUTLER Targets Japanese Enterprises (SecureWorks, 2017/10/12)
https://www.secureworks.com/research/bronze-butler-targets-japanese-businesses
http://malware-log.hatenablog.com/entry/2017/10/12/000000_6