IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis experts

FQDNs, URLs, IP addresses, etc. are posted as they are

APT10 (2020/11/17)

【Indicator information】

■ Hash information (SHA256) - APT10 -

(The above is information from Broadcom; source: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage )


■ IP address information - APT10 -


(The above is information from Broadcom; source: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage )


【Search】



【VT search】





【Blog】

◆Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign (Symantec, 2020/11/17)

Evidence that advanced persistent threat group Cicada is behind attack campaign targeting companies in 17 regions and multiple sectors.

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage