IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis experts

                    FQDNs, URLs, IP addresses, etc. are posted as they are

Gustuff

【Indicator information】

■Hash information (SHA256)


(Information from Talos (Cisco); source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )



■IP addresses


(Information from Talos (Cisco); source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )

■FQDN


(Information from Talos (Cisco); source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )


【Search】



【VT search】



【Blog】

◆Gustuff return, new features for victims (Talos(CISCO), 2019/10/21)
https://blog.talosintelligence.com/2019/10/gustuffv2.html#more