TT Malware Log

A "personal" investigation and research log on malware / cyber attacks / analysis techniques

KillDisk and BlackEnergy Are Not Just Energy Sector Threats

【Reference material】

◆KillDisk and BlackEnergy Are Not Just Energy Sector Threats (Trendmicro, 2016/02)
http://documents.trendmicro.com/assets/resources/IOC-KillDisk_and_BlackEnergy.pdf

【Indicator information】

■Hash information (MD5)

  • 3e49e0dd526eccfad15273acf50a8270

Source: http://documents.trendmicro.com/assets/resources/IOC-KillDisk_and_BlackEnergy.pdf


■Hash information (SHA1)


Source: http://documents.trendmicro.com/assets/resources/IOC-KillDisk_and_BlackEnergy.pdf


■IP addresses (C&C servers)


Source: http://documents.trendmicro.com/assets/resources/IOC-KillDisk_and_BlackEnergy.pdf


■URLs (C&C servers)


Source: http://documents.trendmicro.com/assets/resources/IOC-KillDisk_and_BlackEnergy.pdf


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019