TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

CopyKittens Attack Group

【Materials】

◆CopyKittens Attack Group (Minerva Labs, 2015/11/23)
https://s3-eu-west-1.amazonaws.com/minervaresearchpublic/CopyKittens/CopyKittens.pdf


【Indicator Information】

■Hash information (MD5)


IP addresses

  • 209.190.20.147
  • 209.190.20.149
  • 209.190.20.148

Domains

  • mswordupdate15.com (currently sinkholed by Kaspersky)
  • mswordupdate16.com (currently sinkholed by Kaspersky)
  • mswordupdate17.com (currently sinkholed by Kaspersky)
  • cacheupdate14.com (currently sinkholed by Kaspersky)
  • windowskernel14.com (currently sinkholed by Kaspersky)

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023