TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する「個人」の調査・研究のログ

Korplug military targeted attacks: Afghanistan & Tajikistan

【ブログ】

◆Korplug military targeted attacks: Afghanistan & Tajikistan (Welivesecurity(ESET), 2014/11/12)

After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one

https://www.welivesecurity.com/2014/11/12/korplug-military-targeted-attacks-afghanistan-tajikistan/


【インディケータ情報】

■ハッシュ情報 (Sha1)

  • 1F726E94B90034E7ABD148FE31EBA08774D1506F
  • 36119221826D0290BC23371B55A8C0E6A84718DD
  • 51CDC273B5638E06906BCB700335E288807744B5
  • 8E5E19EBE719EBF7F8BE4290931FFA173E658CB8
  • A6642BC9F3425F0AB93D462002456BE231BB5646
  • A9C627AA09B8CC50A83FF2728A3978492AEB79D8
  • D297DC7D29E42E8D37C951B0B11629051EEBE9C0
  • E32081C56F39EA14DFD1E449C28219D264D80B2F
  • EA6EE9EAB546FB9F93B75DCB650AF22A95486391

(以上は Welivesecurity の情報。 引用元は https://www.welivesecurity.com/2014/11/12/korplug-military-targeted-attacks-afghanistan-tajikistan/)


■ハッシュ情報 (Sha1: Korplug(PlugX))

  • 05BFE122F207DF7806EB5E4CE69D3AEC26D74190
  • 095550E3F0E5D24A59ADD9390E6E17120039355E
  • 0B5A7E49987EF2C320864CF205B7048F7032300D
  • 17CA3BBDDEF164E6493F32C952002E34C55A74F2
  • 47D78FBFB2EFC3AB9DDC653A0F03D560D972BF67
  • 530D26A9BEEDCCED0C36C54C1BF3CDA28D2B6E62
  • 548577598A670FFD7770F01B8C8EEFF853C222C7
  • 5D760403108BDCDCE5C22403387E89EDC2694860
  • 5DFA79EB89B3A8DDBC55252BD330D04D285F9189
  • 973EA910EA3734E45FDE304F20AB6CF067456551
  • E81E0F416752B336396294D24E639AE86D9C6BAA
  • E930D3A2E6B2FFDC7052D7E18F51BD5A765BDB90
  • EF17B7EC3111949CBDBDEB5E0E15BD2C6E90358F
  • F6CB6DB20AA8F17769095042790AEB60EECD58B0

(以上は Welivesecurity の情報。 引用元は https://www.welivesecurity.com/2014/11/12/korplug-military-targeted-attacks-afghanistan-tajikistan/)

■ハッシュ情報 (Sha1)

  • 01B4B92D5839ECF3130F5C69652295FE4F2DA0C5
  • 02C38EC1C67098E1F6854D1125D3AED6268540DE
  • 17A2F18C9CCAAA714FD31BE2DE0BC62B2C310D8F
  • 1884A05409C7EF877E0E1AAAEC6BB9D59E065D7C
  • 1FC6FB0D35DCD0517C82ADAEF1A85FFE2AFAB4EE
  • 34754E8B410C9480E1ADFB31A4AA72419056B622
  • 3A7FB6E819EEC52111693219E604239BD25629E9
  • 457F4FFA2FE1CACFEA53F8F5FF72C3FA61939CCD
  • 55EF67AFA2EC2F260B046A901868C48A76BC7B72
  • 5860C99E5065A414C91F51B9E8B779D10F40ADC4
  • 5B6D654EB16FC84A212ACF7D5A05A8E8A642CE20
  • 6D99ACEA8323B8797560F7284607DB08ECA616D8
  • 7950D5B57FA651CA6FA9180E39B6E8CC1E65B746
  • 7D59B19BD56E1D2C742C39A2ABA9AC34F6BC58D4
  • A29F64CD7B78E51D0C9FDFBDCBC57CED43A157B2
  • BF77D0BA7F3E60B45BD0801979B12BEA703B227B
  • D7D130B8CC9BEA51143F28820F08068521763494
  • FDD41EB3CBB631F38AC415347E25926E3E3F09B6

(以上は Welivesecurity の情報。 引用元は https://www.welivesecurity.com/2014/11/12/korplug-military-targeted-attacks-afghanistan-tajikistan/)


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019