IoC (TT Malware Log)

Malware IoC (Indicator) information

◆ Caution ◆ Site for malware analysis experts

     FQDNs, URLs, IP addresses etc. are posted as they are

Voicemail

【Indicator information】

■Attachment file names

10-August-2019.wav.html [Format: DD-Month-YYYY.wav.html]
14-August-2019.html [Format: DD-Month-YYYY.html]
Voice-17-July2019wav.htm [Format: Voice- DD-MonthYYYYwav.htm]
Audio_Telephone_Message15-August-2019.wav.html [Format: Audio_Telephone_MessageDD-Month-YYYY.wav.html]


■Definition files (McAfee)

HTML/Phishing.g V2 DAT = 9349, V3 DAT = 3800
HTML/Phishing.av V2 DAT = 9371, V3 DAT = 3821
HTML/Phishing.aw V2 DAT = 9371, V3 DAT = 3821

The hashes of the attachments will not be provided as this will provide information on the potential targets


■Domains

hxxps://aws.oficce.cloudns.asia/live/?email=
hxxps://katiorpea.com/?email=
hxxps://soiuurea.com/?email=
hxxps://afaheab.com/?email=
hxxps://aheahpincpea.com/?email=


【News】

◆Office 365 Users Targeted by Voicemail Scam Pages (McAfee, 2019/10/30)
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/office-365-users-targeted-by-voicemail-scam-pages/
https://malware-log.hatenablog.com/entry/2019/10/30/000000_14