Gamaredon - IoC (TT Malware Log)

【インディケータ情報】

■ハッシュ情報(Sha256) - Gamaredon(Docx) -

0D90FE36866EE30EB5E4FD98583BC2FDB5B7DA37E42692F390AC5F807A13F057
62CF22F840FFFD8D8781E52B492B03B4EFC835571B48823B07535D52B182E861
84E0B1D94A43C87DE55C000E3ACAE17F4493A57BADDA3B27146AD8ED0F90C93E
B6A94F565D482906BE7DA4D801153EB4DAB46D92F43BE3E1D59DDD2C7F328109
8310D39AA1CDD13CA82C769D61049310F8DDAEA7CD2C3B940A8A3C248E5E7B06
85267E52016B6124E4E42F8B52E68475174C8A2BDF0BC0B501E058E2D388A819
036C2088CB48215F21D4F7D751D750B859D57018C04F6CADD45C0C4FEE23A9F8
19D03A25AF5B71E859561FF8CCC0A073ACB9C61B987BDB28395339F72BAF46B4
CC775E3CF1A64EFFA55570715B73413C3EA3A6B47764A998B1272B5BE059C25B

(以上は Trendmicro の情報: 引用元は https://blog.trendmicro.co.jp/wp-content/uploads/2020/03/IoC-1.pdf )

■ハッシュ情報(Sha256) - Gamaredon(Dot) -

00B761BCE25594DA4C760574D224589DAF01086C5637042982767A13A2F61BEA
4B3AE36B04D6ABA70089CB2099E6BC1BA16D16EA24BBF09992F23260151B9FAF
F577D2B97963B717981C01B535F257E03688FF4A918AA66352AA9CD31845B67D
E888B5E657B41D45EF0B2ED939E27FF9EA3A11C46946E31372CF26D92361C012
C089CCD376C9A4D5E5BDD553181AB4821D2C26FEFC299CCE7A4F023A660484D5
946405E2F26E1CC0BD22BC7E12D403DA939F02E9C4D8DDD012F049CF4BF1FDA9
9CD5FA89D579A664C28DA16064057096A5703773CEF0A079F228F21A4B7FD5D2
250B09F87FE506FBC6CEDF9DBFCB594F7795ED0E02F982B5837334F09E8A184B

(以上は Trendmicro の情報: 引用元は https://blog.trendmicro.co.jp/wp-content/uploads/2020/03/IoC-1.pdf )

【検索】

google: 0D90FE36866EE30EB5E4FD98583BC2FDB5B7DA37E42692F390AC5F807A13F057
google: 62CF22F840FFFD8D8781E52B492B03B4EFC835571B48823B07535D52B182E861
google: 84E0B1D94A43C87DE55C000E3ACAE17F4493A57BADDA3B27146AD8ED0F90C93E
google: B6A94F565D482906BE7DA4D801153EB4DAB46D92F43BE3E1D59DDD2C7F328109
google: 8310D39AA1CDD13CA82C769D61049310F8DDAEA7CD2C3B940A8A3C248E5E7B06
google: 85267E52016B6124E4E42F8B52E68475174C8A2BDF0BC0B501E058E2D388A819
google: 036C2088CB48215F21D4F7D751D750B859D57018C04F6CADD45C0C4FEE23A9F8
google: 19D03A25AF5B71E859561FF8CCC0A073ACB9C61B987BDB28395339F72BAF46B4
google: CC775E3CF1A64EFFA55570715B73413C3EA3A6B47764A998B1272B5BE059C25B

google: 00B761BCE25594DA4C760574D224589DAF01086C5637042982767A13A2F61BEA
google: 4B3AE36B04D6ABA70089CB2099E6BC1BA16D16EA24BBF09992F23260151B9FAF
google: F577D2B97963B717981C01B535F257E03688FF4A918AA66352AA9CD31845B67D
google: E888B5E657B41D45EF0B2ED939E27FF9EA3A11C46946E31372CF26D92361C012
google: C089CCD376C9A4D5E5BDD553181AB4821D2C26FEFC299CCE7A4F023A660484D5
google: 946405E2F26E1CC0BD22BC7E12D403DA939F02E9C4D8DDD012F049CF4BF1FDA9
google: 9CD5FA89D579A664C28DA16064057096A5703773CEF0A079F228F21A4B7FD5D2
google: 250B09F87FE506FBC6CEDF9DBFCB594F7795ED0E02F982B5837334F09E8A184B

【VT検索】

https://www.virustotal.com/gui/file/00B761BCE25594DA4C760574D224589DAF01086C5637042982767A13A2F61BEA
https://www.virustotal.com/gui/file/4B3AE36B04D6ABA70089CB2099E6BC1BA16D16EA24BBF09992F23260151B9FAF
https://www.virustotal.com/gui/file/F577D2B97963B717981C01B535F257E03688FF4A918AA66352AA9CD31845B67D
https://www.virustotal.com/gui/file/E888B5E657B41D45EF0B2ED939E27FF9EA3A11C46946E31372CF26D92361C012
https://www.virustotal.com/gui/file/C089CCD376C9A4D5E5BDD553181AB4821D2C26FEFC299CCE7A4F023A660484D5
https://www.virustotal.com/gui/file/946405E2F26E1CC0BD22BC7E12D403DA939F02E9C4D8DDD012F049CF4BF1FDA9
https://www.virustotal.com/gui/file/9CD5FA89D579A664C28DA16064057096A5703773CEF0A079F228F21A4B7FD5D2
https://www.virustotal.com/gui/file/250B09F87FE506FBC6CEDF9DBFCB594F7795ED0E02F982B5837334F09E8A184B

【ブログ】

◆標的型攻撃グループ「Gamaredon」による日本への攻撃を初観測 (Trendmicro, 2020/03/30)
https://blog.trendmicro.co.jp/archives/24285
⇒ https://malware-log.hatenablog.com/entry/2020/03/30/000000_6