Qakbot (2020/05/15) - IoC (TT Malware Log)

【インディケータ情報】

■ハッシュ情報(Sha256) - Qakbot -

55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9
331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777
6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0
73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4
79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d
2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e
83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882
7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5
3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0
46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c
0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4
273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25
260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d
76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20
3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9
24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c
2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369
78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c
72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063
74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e
245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa
38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc
607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7
0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97
129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292
87c60075bf2b72651cfd4c93e510943fc12d3d0553d518ee48826697bbde8374
8b73c0a590ff6fb955b93c6d5ec29b02058081e784b9e6529a14295989ab5710
8e7e3c2c3ee9a4f4a012152af5a9f030efbf4e372ce08d90cdd85187a01bc469
b09d84c4ba9d6ff9748ef179b9d0c07df1e564fdb09208b3bffa8cbf4ea5012e
b19ff5bc5de2f07838874e5d967dd6f306ae7ac1c6cc7a81778232c992650956
c0791ffae3e34ef414306901a255092a89258aa3257bf7bda01b373eac23baeb
da0f1f404b1cc4036a790c96f93ab39844325bb57ec12bf58364700ec6025b97
ef36b7c3f633b24b3bc194c6885ab5fd9d8efd0625f46879d987aa410dd2a9ac
ef4554845b6f8ad4acf7e3af245a438418d509611bf58a37fa0c666b94365898

(以上は Talos(CISCO)の情報: 引用元は https://blog.talosintelligence.com/2020/05/threat-roundup-0508-0515.html )

【検索】

google: 55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9
google: 331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777
google: 6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0
google: 73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4
google: 79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d
google: 2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e
google: 83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882
google: 7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5
google: 3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0
google: 46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c
google: 0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4
google: 273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25
google: 260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d
google: 76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20
google: 3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9
google: 24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c
google: 2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369
google: 78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c
google: 72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063
google: 74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e
google: 245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa
google: 38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc
google: 607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7
google: 0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97
google: 129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292
google: 87c60075bf2b72651cfd4c93e510943fc12d3d0553d518ee48826697bbde8374
google: 8b73c0a590ff6fb955b93c6d5ec29b02058081e784b9e6529a14295989ab5710
google: 8e7e3c2c3ee9a4f4a012152af5a9f030efbf4e372ce08d90cdd85187a01bc469
google: b09d84c4ba9d6ff9748ef179b9d0c07df1e564fdb09208b3bffa8cbf4ea5012e
google: b19ff5bc5de2f07838874e5d967dd6f306ae7ac1c6cc7a81778232c992650956
google: c0791ffae3e34ef414306901a255092a89258aa3257bf7bda01b373eac23baeb
google: da0f1f404b1cc4036a790c96f93ab39844325bb57ec12bf58364700ec6025b97
google: ef36b7c3f633b24b3bc194c6885ab5fd9d8efd0625f46879d987aa410dd2a9ac
google: ef4554845b6f8ad4acf7e3af245a438418d509611bf58a37fa0c666b94365898

【VT検索】

【ブログ】

◆Threat Roundup for May 8 to May 15 (Talos(CISCO), 2020/05/15)
https://blog.talosintelligence.com/2020/05/threat-roundup-0508-0515.html
https://storage.googleapis.com/blogs-images/ciscoblogs/1/2020/05/20200515-tru.json_.txt
⇒ https://malware-log.hatenablog.com/entry/2020/05/15/000000_5

【関連まとめ記事】

◆全体まとめ
　◆脅威情報 (まとめ)

◆Talos の 1 週間における脅威のまとめ (まとめ)
https://malware-log.hatenablog.com/entry/Talos_Threat