TT Malware Log

A personal investigation, research, and reference log on malware / cyber attacks / analysis techniques

Taiwan targeted with new cyberespionage back door Trojan

【Public information】

◆Taiwan targeted with new cyberespionage back door Trojan (Symantec, 2016/03/29 08:57)
[Taiwan was targeted with a new cyberespionage backdoor Trojan]
https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b0649cc1-a60f-4cd7-ba3e-832e218de385&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments


【Indicator information】

■Hash information (MD5) - Dripion / Blugger / Taidoor -


(The above is information from Symantec; source: https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b0649cc1-a60f-4cd7-ba3e-832e218de385&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments )


■FQDN - Dripion / Blugger / Taidoor-

hyydn[.]nortonsoft.com
mhysix[.]mcfeesoft.com
gspt[.]dns1.us
unpt[.]defultname.com

(The above is information from Symantec; source: https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b0649cc1-a60f-4cd7-ba3e-832e218de385&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments )


■IP address - Dripion / Blugger / Taidoor -

198.144.100.73
208.61.229.10
200.215.222.105
61.222.137.66
103.240.182.99

(The above is information from Symantec; source: https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b0649cc1-a60f-4cd7-ba3e-832e218de385&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments )


【Search】



【VT search】



Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020