【インディケータ情報】
■ハッシュ情報(Sha256) - Emotet Document-
5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89
(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )
■ハッシュ情報(Sha256) - Emotet Binary -
454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )
■FQDN - Emotet -
elseelektrikci.com
rviradeals.com
skenglish.com
packersmoversmohali.com
tri-comma.com
ramukakaonline.com
shubhinfoways.com
test2.cxyw.net
sustainableandorganicgarments.com
staging.icuskin.com
fivestarcleanerstx.com
bhandaraexpress.com
crm.shaayanpharma.com
zazabajouk.com
e2e-solution.com
topgameus.com
cpads.net
tyres2c.com
thesuperservice.com
ssuse.com(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )
■IPアドレス - Emotet(C2) -
178.210.171.15
109.117.53.230
212.51.142.238
190.160.53.126(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )
【検索】
google: 5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
google: 4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
google: bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
google: 6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
google: 18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
google: d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89google: 454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
google: d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
google: 1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
google: 7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
google: f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50google: "elseelektrikci.com"
google: "rviradeals.com"
google: "skenglish.com"
google: "packersmoversmohali.com"
google: "tri-comma.com"
google: "ramukakaonline.com"
google: "shubhinfoways.com"
google: "test2.cxyw.net"
google: "sustainableandorganicgarments.com"
google: "staging.icuskin.com"
google: "fivestarcleanerstx.com"
google: "bhandaraexpress.com"
google: "crm.shaayanpharma.com"
google: "zazabajouk.com"
google: "e2e-solution.com"
google: "topgameus.com"
google: "cpads.net"
google: "tyres2c.com"
google: "thesuperservice.com"
google: "ssuse.com"google: "178.210.171.15"
google: "109.117.53.230"
google: "212.51.142.238"
google: "190.160.53.126"【VT検索】
https://www.virustotal.com/gui/file/5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
https://www.virustotal.com/gui/file/4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
https://www.virustotal.com/gui/file/bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
https://www.virustotal.com/gui/file/6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
https://www.virustotal.com/gui/file/18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
https://www.virustotal.com/gui/file/d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89https://www.virustotal.com/gui/file/454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
https://www.virustotal.com/gui/file/d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
https://www.virustotal.com/gui/file/1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
https://www.virustotal.com/gui/file/7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
https://www.virustotal.com/gui/file/f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50https://www.virustotal.com/gui/domain/elseelektrikci.com
https://www.virustotal.com/gui/domain/rviradeals.com
https://www.virustotal.com/gui/domain/skenglish.com
https://www.virustotal.com/gui/domain/packersmoversmohali.com
https://www.virustotal.com/gui/domain/tri-comma.com
https://www.virustotal.com/gui/domain/ramukakaonline.com
https://www.virustotal.com/gui/domain/shubhinfoways.com
https://www.virustotal.com/gui/domain/test2.cxyw.net
https://www.virustotal.com/gui/domain/sustainableandorganicgarments.com
https://www.virustotal.com/gui/domain/staging.icuskin.com
https://www.virustotal.com/gui/domain/fivestarcleanerstx.com
https://www.virustotal.com/gui/domain/bhandaraexpress.com
https://www.virustotal.com/gui/domain/crm.shaayanpharma.com
https://www.virustotal.com/gui/domain/zazabajouk.com
https://www.virustotal.com/gui/domain/e2e-solution.com
https://www.virustotal.com/gui/domain/topgameus.com
https://www.virustotal.com/gui/domain/cpads.net
https://www.virustotal.com/gui/domain/tyres2c.com
https://www.virustotal.com/gui/domain/thesuperservice.com
https://www.virustotal.com/gui/domain/ssuse.comhttps://www.virustotal.com/gui/ip-address/178.210.171.15]
https://www.virustotal.com/gui/ip-address/109.117.53.230]
https://www.virustotal.com/gui/ip-address/212.51.142.238]
https://www.virustotal.com/gui/ip-address/190.160.53.126]
【ブログ】
◆It’s baaaack: Public cyber enemy Emotet has returned (MalwareBytes, 2020/07/17)
https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/
⇒ https://malware-log.hatenablog.com/entry/2020/07/17/000000_5
【関連まとめ記事】◆全体まとめ
◆マルウェア / Malware (まとめ)
◆バンキングマルウェア (まとめ)
◆Emotet (まとめ)
http://malware-log.hatenablog.com/entry/Emotet
