IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis experts

                    FQDNs, URLs, IP addresses, etc. are posted as they are

WastedLocker (2020/06/23)

【Indicator information】

■ Hash information (SHA256)
(The hash information is from NccGroup. Source: https://research.nccgroup.com/2020/06/23/wastedlocker-a-new-ransomware-variant-developed-by-the-evil-corp-group/ )


【Search】



【VT search】



【ANY-RUN search】

Item Value
MD5 A445CDA34B21A4926A5ACE7ACC610DF2
SHA1 B59C4DDC4E2D9BC806AF0FB4FE4E80776382A4A9
SHA256 2F72550C99A297558235CAA97D025054F70A276283998D9686C282612EBDBEA0
SSDEEP 6144:2EGPBH8YGTIYB4RHRUZDYDWE3QF7PMKZS3WEC8IJSWWIR08JRGML2SLOA:2EQDWIYB4LEDKWQQF+KZT9BSWWITR9OA
File name chikenchuchu123.exe

◆2f72550c99a297558235caa97d025054f70a276283998d9686c282612ebdbea0
https://any.run/report/2f72550c99a297558235caa97d025054f70a276283998d9686c282612ebdbea0/f6d3d9a4-a645-467a-92b8-5d4dcd2075c7
https://app.any.run/tasks/f6d3d9a4-a645-467a-92b8-5d4dcd2075c7

【Blog】

◆WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group (NccGroup, 2020/06/23)
https://research.nccgroup.com/2020/06/23/wastedlocker-a-new-ransomware-variant-developed-by-the-evil-corp-group/


【Related summary articles】

Overall summary
 ◆Malware (summary)
  ◆Ransomware (summary)

◆WastedLocker (summary)
https://malware-log.hatenablog.com/entry/WastedLocker