【Reference】
◆CopyKittens Attack Group (Minerva Labs, 2015/11/23)
https://s3-eu-west-1.amazonaws.com/minervaresearchpublic/CopyKittens/CopyKittens.pdf
【Indicator information】
■ Hash information (MD5)
■ Domains
- mswordupdate15.com (currently sinkholed by Kaspersky)
- mswordupdate16.com (currently sinkholed by Kaspersky)
- mswordupdate17.com (currently sinkholed by Kaspersky)
- cacheupdate14.com (currently sinkholed by Kaspersky)
- windowskernel14.com (currently sinkholed by Kaspersky)