TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する「個人」の調査・研究・参照ログ

In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia

【ブログ】

◆In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia (Proofpoint, 2015/09/15)
https://www.proofpoint.com/us/threat-insight/post/PlugX-in-Russia

【インディケータ情報】

■ハッシュ情報 (Sha256: PlugX)

  • 1aa6c5d0c9ad914fb5ed24741ac947d31cac6921ece7b3b807736febda7e2c4b
  • 1b32825f178afe76e290c458ddbf8a3596002c6f9a7763687311f7d211a54aab
  • 3e824972397b322ea9f48fd1a9a02bd6c3eb68cc7de3a4f29e46a5c67b625ec1
  • 49e1f953dc17073bf919972868576b93cc9f3b5b9600f98a0bd9e39e5d229d9e
  • 4cadbdb5a09781555cc5d637d3fecf89b9a66fac245d6a3a14989f39a9a48c6e
  • 67cccfa23a7fd1d9ca8160cd977d536c4a40bf9525a93aa4122a89527a96fa8f
  • 6ea86b944c8b5a9b02adc7aac80e0f33217b28103b70153710c1f6da76e36081
  • 7efcf2211cd68ab459582594b5d75c64830acf25bcaab065bbd60377fb9eb22a
  • 8702506e8e75834a8f011cfc268d02043af5522aeda20a8458880c8fbed7ecac
  • 8a5df5f31a3b4f893a0565967d64e57f41d91e3592bbd8d52f98f81b3fb8452b

■ハッシュ情報 (Sha256: Saker)

  • 556e7e944939929ca4d9ca6c54d9059edf97642ece1d84363f2d46e2e8ca72ae
  • 0d2600d978f5c1042e93b701654db080aac144dfa2877844334b1d4cd78f4a1d
  • 2a6dee57cb302a1350ade4a33f40a77c1952cf2e6b29d1be8400c13927e34670
  • 383c5d22c1de3aae7684eb5a7d87d6b553f09f166ca402894c5deecabaa7d866
  • 53d29782b8c325c2ff62493cdb261a8e54e45ed04880527e75e8e211b4d8d861
  • 5d97ec30c481e00d4285246b528745f331be905f453e062bd9c2d506e9386f0e
  • 664f80b427bf0145e62f6f90cb4833c30cfb8dc4b2d68746aa01420da82bd8af
  • 6dc560a3b20a6e95552254bdb04fba03f74223a83a58436a3decfab74abc5fb5
  • a2f4aa2d25bff21e73b15065e2fc38d297ee14253044a66d00690b1bb23fc373
  • c7d7211d1fea69ea6a9697a8f8d21ac40f6d7dc6863708b9a98930271a156c86
  • d2a5cf434e8a0c63c23e6a3e5cf8a60f259099a706d2d243ffa5c7dbd46fd9d4
  • d6ff406da6e9a20074c3e1228ab04d35a3839b1719d3cafbb21ad3e3b6d03ef4
  • df4571b7d3be63de8338e6905b2689309ed5cce88d57a8db0c7b9aebf713d81c
  • ed7771339794c7908865f7816513b593369a93c98b39f58ebaaa98f3f0067e9d


■ハッシュ情報 (Sha256: NetBot)

  • 4524ede160d5476211e99329768b38abd88aacb6fa9334f2c2bbcaab9b0438f5
  • 317e9deef23ff0e919083ac6c94b5ccd3bb0227f674078d66cdd4a2e5d1ebba9
  • 68a98b8e174cb5af20e0ac97978bad6d245a1cb0970b82a4a269a92e7726d74b
  • 277fe4dab731149f3d40630f2f8b25092b007c701f04b5304d3ba9570280d015
  • f95c6749f4d4fae18f9d384f495dc1c79e7484b309d0d35ea68966763ed325bd


■ハッシュ情報 (Sha256: DarkStRat)

  • b38aa09a2334e11a73ef9a926694f2054789934daa38afeb8d00bce6949b6c4c
  • 0d219aa54b1d417da61bd4aed5eeb53d6cba91b3287d53186b21fed450248215


ドメイン情報 (C&Cサーバ)

  • pressmil.com
  • notebookhk.net
  • dicemention.com
  • leeghost.com

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023