【Indicator Information】
■Hash information (SHA256) - AZORult v3.2 -
494EDDDC91292A5B25681C985F52850518AC9F9F5634232866F8D821B1B645C0
E022B5AFC18C2E5E9E74307CD27B0ADD7A5A0CE7BE41678223CEEA76DBED6F26
(The above is from Cylance. Source: https://www.cylance.com/ja_jp/blog/jp-threat-spotlight-analyzing-azorult-infostealer-malware.html )
■Hash information (SHA256) - AZORult v3.3 -
12B6A633B470216952DB405356C9B565EE58C6DCB27D57ED6492DFAF51D22E61
748C94BFDB94B322C876114FCF55A6043F1CD612766E8AF1635218A747F45FB9
(The above is from Cylance. Source: https://www.cylance.com/ja_jp/blog/jp-threat-spotlight-analyzing-azorult-infostealer-malware.html )
■URL - C2 server -
hxxp://nagoyashi.chimkent.su/index.php
hxxp://ivanoffol3.temp.swtest.ru/index.php
hxxp://mockerton.top/index.php
hxxp://www.jma-go.jp/java/java9356/index.php
hxxp://cindysonam.org/putty.exe
(The above is from Cylance. Source: https://www.cylance.com/ja_jp/blog/jp-threat-spotlight-analyzing-azorult-infostealer-malware.html )
■Mutex - AZORult -
A{Generated ID by AZORult}
(The above is from Cylance. Source: https://www.cylance.com/ja_jp/blog/jp-threat-spotlight-analyzing-azorult-infostealer-malware.html )