【Indicator information】
■Hash information (SHA256) - APT15 -
(This hash information is from nccgroup; source: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ )
【News】
◆APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS (nccgroup, 2018/03/10)
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/
⇒ https://malware-log.hatenablog.com/entry/2018/03/10/000000