IoC (TT Malware Log)

Malware IoC (Indicator) information

◆ Caution ◆ Site for malware analysis specialists

     FQDNs, URLs, IP addresses, etc. are posted as they are

Cocktail (2022/01/08)



【Indicator information】

■ Hash information (SHA256)


(The hash information in this section is from BleepingComputer. Source: https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/ )

Hash File name
6112e0aa2a53b6091b3d7834b60da6cd2b3c7bf19904e05765518460ac513bfa dnSpy-net-win32.zip
005526de4599f96a4a1eba9de9d6ad930de13d5ea1a23fada26e1575f4e3cf85 dnSpy-net-win64.zip
0ba1c44d0ee5b34b45b449074cda51624150dc16b3b3c38251df6c052adba205 curl.exe
cabc62b3077c2df3b69788e395627921c309e112b555136e99949c5a2bbab4f2 c.exe
746a7a64ec824c63f980ed2194eb7d4e6feffc2dd6b0055ac403fac57c26f783 cbot.exe
e998df840b687ec58165355c1d60938b367edc2967df2a9d44b74ad38f75f439 cbo.exe
70ad9112a3f0af66db30ebc1ab3278296d7dc36e8f6070317765e54210d06074 qs.exe
8b7874d328da564aca73e16ae4fea2f2c0a811ec288bd0aba3b55241242be40d m.exe
6606d759667fbdfaa46241db7ffb4839d2c47b88a20120446f41e916cad77d0b d.exe


【Search】



【VT search】





【News】

◆Trojanized dnSpy app drops malware cocktail on researchers, devs (BleepingComputer, 2022/01/08 14:35)
https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/