【Blog】
◆In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia (Proofpoint, 2015/09/15)
https://www.proofpoint.com/us/threat-insight/post/PlugX-in-Russia
【Indicator information】
■Hash information (Sha256: PlugX)
■Hash information (Sha256: Saker)
■Hash information (Sha256: NetBot)
■Hash information (Sha256: DarkStRat)
- b38aa09a2334e11a73ef9a926694f2054789934daa38afeb8d00bce6949b6c4c
- 0d219aa54b1d417da61bd4aed5eeb53d6cba91b3287d53186b21fed450248215
■Domain information (C&C servers)
- pressmil.com
- notebookhk.net
- dicemention.com
- leeghost.com