【Figures】
Source: https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/
【Blog】
◆Tropic Trooper’s New Strategy (Trendmicro, 2018/03/14 07:01)
https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/
【Related summary articles】
◆Overall summary
◆Threat actors / Actor (summary)
◆Targeted attack groups / APT (summary)
◆Tropic Trooper (summary)
https://malware-log.hatenablog.com/entry/Tropic_Trooper
【Indicator information】
■Hash information (SHA-256)
■FQDN (C&C servers)