TT Malware Log

A "personal" investigation and research log on malware / cyber attacks / analysis techniques

The Blockbuster Saga Continues

recent decoy documents
Source: https://researchcenter.paloaltonetworks.com/2017/08/unit42-blockbuster-saga-continues/


【Blog】

◆The Blockbuster Saga Continues (paloalto, 2017/08/14)
https://researchcenter.paloaltonetworks.com/2017/08/unit42-blockbuster-saga-continues/


【Indicator Information】

■Hash information (SHA256)


■IP addresses



■URL

  • hxxp://210.202.40.35/CKRQST/event/careers/jobs/description/docs/NGC1398.doc
  • hxxp://210.202.40.35/CKRQST/Company/HR/Position/lm/L1915.doc
  • hxxp://104.192.193.149/Event/careers/jobs/description/docs/LJC077.doc
  • hxxp://lansingturbo.org/docs/WebDAV.exe

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019