IoC (TT Malware Log)

Malware IoC (indicator) information

◆Caution◆ This site is intended for malware analysis specialists

     FQDNs, URLs, IP addresses and similar indicators are posted as they are (defanged only with hxxp / [.] notation, not redacted)

Fin6

【Indicator information】

■Hashes (MD5)

031dd207c8276bcc5b41825f0a3e31b0
0f9931210bde86753d0f4a9abc5611fd
12597de0e709e44442418e89721b9140
32ea267296c8694c0b5f5baeacf34b0e
395d52f738eb75852fe501df13231c8d
39b7c130f1a02665fd72d65f4f9cb634
3c5575ce80e0847360cd2306c64b51a0
46d781620afc536afa25381504059612
4ec86a35f6982e6545b771376a6f65bb
73e7ddd6b49cdaa982ea8cb578f3af15
8452d52034d3b2cb612dbc59ed609163
8c099a15a19b6e5b29a3794abf8a5878
9d3fdb1e370c0ee6315b4625ecf2ac55
d2f9335a305440d91702c803b6d046b6
34187a34d0a3c5d63016c26346371b54

(The above is FireEye's information; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )


■IP addresses

31.220.45[.]151
46.166.173[.]109
62.210.136[.]65
89.105.194[.]236
93.115.26[.]171
103.73.65[.]116
176.126.85[.]207
185.202.174[.]31
185.202.174[.]41
185.202.174[.]44
185.202.174[.]80
185.202.174[.]84
185.202.174[.]91
185.222.211[.]98

(The above is FireEye's information; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )


■URL

hxxps://176.126.85[.]207:443/7sJh
hxxps://176.126.85[.]207/ca
hxxps://176.126.85[.]207:443/ilX9zObq6LleAF8BBdsdHwRjapd8_1Tl4Y-9Rc6hMbPXHPgVTWTtb0xfb7BpIyC1Lia31F5gCN_btvkad7aR2JF5ySRLZmTtY
hxxps://pastebin[.]com/raw/0v6RiYEY
hxxps://pastebin[.]com/raw/YAm4QnE7
hxxps://pastebin[.]com/raw/p5U9siCD
hxxps://pastebin[.]com/raw/BKVLHWa0
hxxps://pastebin[.]com/raw/HPpvY00Q
hxxps://pastebin[.]com/raw/L4LQQfXE
hxxps://pastebin[.]com/raw/tDAbbY52
hxxps://pastebin[.]com/raw/u9yYjTr7
hxxps://pastebin[.]com/raw/wrehJuGp
hxxps://pastebin[.]com/raw/Bber9jae

(The above is FireEye's information; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )
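The indicators above are defanged (hxxps, [.]) so that they cannot be clicked by accident, which also means they cannot be pasted straight into a log search. The following script is an added example, not code from this post or from FireEye: it refangs a subset of the indicators listed above, collapses duplicates, and sweeps a set of constructed proxy/EDR log lines (not real telemetry) for whole-token matches, so that 185.202.174.310 does not hit on 185.202.174.31. The log format and the sample lines are assumptions made for the example.

```python
"""Refang the defanged FIN6 indicators and sweep constructed log lines for them.
Added example; not part of the original post or of FireEye's material."""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# A subset of the indicators listed above, in the page's defanged notation
# (hxxps, [.]). One pastebin URL is repeated on purpose to show de-duplication.
DEFANGED_INDICATORS = """
031dd207c8276bcc5b41825f0a3e31b0
34187a34d0a3c5d63016c26346371b54
176.126.85[.]207
185.202.174[.]31
hxxps://176.126.85[.]207:443/7sJh
hxxps://176.126.85[.]207/ca
hxxps://pastebin[.]com/raw/0v6RiYEY
hxxps://pastebin[.]com/raw/0v6RiYEY
"""

MD5_RE = re.compile(r"^[0-9a-f]{32}$")
IPV4_RE = re.compile(r"^(?:\d{1,3}\.){3}\d{1,3}$")


def refang(ioc: str) -> str:
    """Undo the page's defanging so the value can be compared against live data."""
    ioc = ioc.strip()
    ioc = re.sub(r"^hxxp", "http", ioc, flags=re.IGNORECASE)
    return ioc.replace("[.]", ".")


@dataclass
class IndicatorSet:
    md5: set = field(default_factory=set)
    ips: set = field(default_factory=set)
    urls: set = field(default_factory=set)
    hosts: set = field(default_factory=set)  # hostnames/IPs taken from the URLs


def parse_indicators(text: str) -> IndicatorSet:
    """Classify each non-empty line as MD5, IPv4 or URL; sets collapse duplicates."""
    ind = IndicatorSet()
    for raw in text.splitlines():
        line = refang(raw)
        if not line:
            continue
        if MD5_RE.match(line.lower()):
            ind.md5.add(line.lower())
        elif IPV4_RE.match(line):
            ind.ips.add(line)
        elif line.lower().startswith(("http://", "https://")):
            ind.urls.add(line)            # URL paths are case-sensitive: keep as-is
            host = urlparse(line).hostname
            if host:
                ind.hosts.add(host)
        else:
            raise ValueError(f"unrecognised indicator line: {raw!r}")
    return ind


def _strip_port(token: str) -> str:
    """'185.202.174.31:443' -> '185.202.174.31' (port suffix only, not a URL)."""
    return re.sub(r":\d{1,5}$", "", token)


def sweep_log(ind: IndicatorSet, log_lines) -> list:
    """Return (line_no, kind, value) for each hit. Tokens are matched whole, so
    185.202.174.310 does not match 185.202.174.31; a key=value token such as
    md5=<hash> is matched on its value part (URL tokens are left intact)."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for tok in re.split(r"[\s\"',]+", line):
            if not tok.lower().startswith("http"):
                tok = tok.split("=", 1)[-1]   # md5=ABC... -> ABC...
            if not tok:
                continue
            low = tok.lower()
            if low in ind.md5:
                hits.append((n, "md5", low))
            elif tok in ind.urls:
                hits.append((n, "url", tok))
            elif _strip_port(low) in ind.ips or _strip_port(low) in ind.hosts:
                hits.append((n, "ip_or_host", _strip_port(tok)))
    return hits


# Constructed proxy/EDR log lines (assumed format, not real telemetry).
SAMPLE_LOG = [
    "2019-04-01T10:12:03Z 10.0.8.15 GET https://176.126.85.207:443/7sJh 200",
    "2019-04-01T10:12:09Z 10.0.8.15 GET https://www.example.com/ 200",
    "2019-04-01T10:13:41Z 10.0.8.22 GET https://pastebin.com/raw/0v6RiYEY 200",
    "2019-04-01T10:14:02Z 10.0.8.22 CONNECT 185.202.174.31:443 -",
    "2019-04-01T10:15:00Z 10.0.8.22 CONNECT 185.202.174.310:443 -",  # superstring, no hit
    '2019-04-01T10:16:30Z 10.0.8.31 EXEC "C:\\Users\\a\\svc.exe" md5=031DD207C8276BCC5B41825F0A3E31B0',
]


def run_example() -> list:
    """Parse the indicator block above and sweep the sample log; returns the hits."""
    return sweep_log(parse_indicators(DEFANGED_INDICATORS), SAMPLE_LOG)


if __name__ == "__main__":
    for hit in run_example():
        print(hit)
```

Hash comparison is case-insensitive and URL comparison is exact, which mirrors how tools usually store them; if the proxy logs URLs without the explicit :443, the URL set would need a normalisation step before matching.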


【Search】

google: 031dd207c8276bcc5b41825f0a3e31b0
google: 0f9931210bde86753d0f4a9abc5611fd
google: 12597de0e709e44442418e89721b9140
google: 32ea267296c8694c0b5f5baeacf34b0e
google: 395d52f738eb75852fe501df13231c8d
google: 39b7c130f1a02665fd72d65f4f9cb634
google: 3c5575ce80e0847360cd2306c64b51a0
google: 46d781620afc536afa25381504059612
google: 4ec86a35f6982e6545b771376a6f65bb
google: 73e7ddd6b49cdaa982ea8cb578f3af15
google: 8452d52034d3b2cb612dbc59ed609163
google: 8c099a15a19b6e5b29a3794abf8a5878
google: 9d3fdb1e370c0ee6315b4625ecf2ac55
google: d2f9335a305440d91702c803b6d046b6
google: 34187a34d0a3c5d63016c26346371b54


【VirusTotal search】

google: site:virustotal.com 031dd207c8276bcc5b41825f0a3e31b0
google: site:virustotal.com 0f9931210bde86753d0f4a9abc5611fd
google: site:virustotal.com 12597de0e709e44442418e89721b9140
google: site:virustotal.com 32ea267296c8694c0b5f5baeacf34b0e
google: site:virustotal.com 395d52f738eb75852fe501df13231c8d
google: site:virustotal.com 39b7c130f1a02665fd72d65f4f9cb634
google: site:virustotal.com 3c5575ce80e0847360cd2306c64b51a0
google: site:virustotal.com 46d781620afc536afa25381504059612
google: site:virustotal.com 4ec86a35f6982e6545b771376a6f65bb
google: site:virustotal.com 73e7ddd6b49cdaa982ea8cb578f3af15
google: site:virustotal.com 8452d52034d3b2cb612dbc59ed609163
google: site:virustotal.com 8c099a15a19b6e5b29a3794abf8a5878
google: site:virustotal.com 9d3fdb1e370c0ee6315b4625ecf2ac55
google: site:virustotal.com d2f9335a305440d91702c803b6d046b6
google: site:virustotal.com 34187a34d0a3c5d63016c26346371b54




【Blog】

◆Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware (FireEye, 2019/04/05)
https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html
https://malware-log.hatenablog.com/entry/2019/04/05/000000_8

【Related summary articles】

Overall summary
 ◆Attack groups / Actors (summary)
  ◆Cybercrime groups (summary)

◆Fin6 (summary)
https://malware-log.hatenablog.com/entry/Fin6