IoC (TT Malware Log)

Malware IoC (Indicator) information

** Caution ** Site for malware analysis specialists

     FQDNs, URLs, IP addresses, etc. are posted as they are

Cuba (2021/06/03)

【Indicator information】

■Hash information (SHA256) - Cuba -


(The above is information from McAfee; source: https://blogs.mcafee.jp/mcafee-defenders-blog-cuba-ransomware-campaign )


■Hash information (SHA256) - Cuba -

54627975c0befee0075d6da1a53af9403f047d9e367389e48ae0d25c2a7154bc
c385ef710cbdd8ba7759e084051f5742b6fa8a6b65340a9795f48d0a425fec61
40101fb3629cdb7d53c3af19dea2b6245a8d8aa9f28febd052bb9d792cfbefa6

(The above is information from McAfee; source: https://blogs.mcafee.jp/mcafee-defenders-blog-cuba-ransomware-campaign )


■FQDN information

kurvalarva[.]com

(The above is information from McAfee; source: https://blogs.mcafee.jp/mcafee-defenders-blog-cuba-ransomware-campaign )


【Search】

google: Cuba
google:news: Cuba



【VT search】


https://www.virustotal.com/gui/domain/kurvalarva.com




【Blog】

◆Cuba ransomware: recent developments and countermeasures (McAfee, 2021/06/03)
https://blogs.mcafee.jp/mcafee-defenders-blog-cuba-ransomware-campaign
https://malware-log.hatenablog.com/entry/2021/06/03/000000_11


【Figures】

Source: https://blogs.mcafee.jp/mcafee-defenders-blog-cuba-ransomware-campaign