TT Malware Log

A log of "personal" investigation and research on malware / cyber attacks / analysis techniques

Korea In The Crosshairs

Source: https://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html


【Blog】

◆Korea In The Crosshairs (Talos, 2018/01/16)
http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html


【Related summary articles】

◆APT37 (Summary)
http://malware-log.hatenablog.com/entry/APT37


【Indicator information】

■ Hash information (SHA256) - Golden Time



■ Hash information (SHA256) - Evil New Year



■ Hash information (SHA256) - Are You Happy?

Type Sha256
Wiper 6332c97c76d2da7101ad05f501dc1188ac22ce29e91dab6d0c034c4a90b615bd


■ Hash information (SHA256) - FreeMilk



■ Hash information (SHA256) - North Korean Human Rights



■ Hash information (SHA256) - Evil New Year 2018

Type Sha256
Maldoc f068196d2c492b49e4aae4312c140e9a6c8c61a33f61ea35d74f4a26ef263ead
PNG bdd48dbed10f74f234ed38908756b5c3ae3c79d014ecf991e31b36d957d9c950
ROKRAT 3f7827bf26150ec26c61d8dbf43cdb8824e320298e7b362d79d7225ab3d655b1

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019