IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis experts

FQDNs, URLs, IP addresses, etc. are posted as they are

Avaddon (2020/09/11)

【Indicator information】

■ Hash information (SHA256) - Avaddon -
(The above is information from Trendmicro. Sources: https://blog.trendmicro.co.jp/archives/26021, https://blog.trendmicro.co.jp/wp-content/uploads/2020/09/%E4%BE%B5%E5%85%A5%E3%81%AE%E7%97%95%E8%B7%A1%EF%BC%88Indicators-of-Compromises%E3%80%81IoCs%EF%BC%89.pdf)


■URL - Avaddon -

hxxp://217.8.117.63/jpr.exe
hxxp://217.8.117.63/sava.exe
hxxp://myphotoload.com/photo.php


【Search】

google: Avaddon
google:news: Avaddon



【VT search】





【Blog】

◆ Gleanings from ransomware trends in the first half of 2020: "Avaddon", new evasion techniques, damage cases by industry, and more (Trendmicro, 2020/09/11)
https://blog.trendmicro.co.jp/archives/26021
https://malware-log.hatenablog.com/entry/2020/09/11/000000_12