IoC (TT Malware Log)

Malware の IoC(Indicator)情報

◆注意◆　マルウェア解析専析家向けサイト

　　　　　FQDN, URL,IPアドレス等はそのまま掲載しています

** Caution ** Malware expert site

FQDN, URL, IP address etc. are posted as they are

2019-11-29

Lilith

malware: Lilith 攻撃組織: Tick / Bronze Butler / NCPH / RedBaldKnight / The Bald Knight Rises

【インディケータ情報】

■ハッシュ情報(Sha256) - Lilith -

20334c3c49d640943f2e56070b0ed36116959e5841cdd6db0d7a559723ef3292
5e4a190f8f4fc8800cf348cdc0e1ddc674215b02d1ef9b9a9e12605a3e0315cf
84fef099ce23dc8bff13baa279e3ecb66131f255f0e5590c8eee8afb86d51da5
7924cb540d8fd0bcad6207e9386f60b1b1091a2ced52c127cac1a0f5465b42df
f3ff180ec14ddcd38f438ea3a968c1558d5eabac596fb920d2eddd043c5a4122

【資料】

◆Operation ENDTRADE: TICK’s Multi-Stage Backdoors for Attacking Industries and Stealing Classified Data (Trendmicro, 2019/11/29)
https://documents.trendmicro.com/assets/pdf/Operation-ENDTRADE-Tick-Multi-Stage-Backdoors-for-Attacking-Industries-and-Stealing-Classified-Data.pdf
⇒ https://malware-log.hatenablog.com/entry/2019/11/29/000000_7