TT Malware Log

An "individual's" investigation, research, and reference log on malware / cyber attacks / analysis techniques

KeyBoy and the targeting of the Tibetan Community

【Figures】

The timeline of KeyBoy’s evolution
Source: https://citizenlab.ca/2016/11/parliament-keyboy/


【News】

◆KeyBoy and the targeting of the Tibetan Community (Citizenlab, 2016/11/17)
https://citizenlab.ca/2016/11/parliament-keyboy/


【IoC Information】

◆KeyBoy (IoC (TT Malware Log))
https://ioc.hatenablog.com/entry/2016/11/17/000000

◆malware-indicators/201611_KeyBoy (citizenlab, 2016/11/21)
https://github.com/citizenlab/malware-indicators/tree/master/201611_KeyBoy


【Indicator Information】

■Hash information (Sha256) - KeyBoy -


(Citizenlab information; source: https://citizenlab.ca/2016/11/parliament-keyboy/ )


■Hash information (Sha256) - KeyBoy Droppers -


(Citizenlab information; source: https://citizenlab.ca/2016/11/parliament-keyboy/ )


■Hash information (Sha256) - KeyBoy Exploit Documents -


(Citizenlab information; source: https://citizenlab.ca/2016/11/parliament-keyboy/ )


■FQDN


(Citizenlab information; source: https://citizenlab.ca/2016/11/parliament-keyboy/ )


■IP addresses


(Citizenlab information; source: https://citizenlab.ca/2016/11/parliament-keyboy/ )


【Search】



【VT Search】



Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020