TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する「個人」の調査・研究・参照ログ

Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers

【公開情報】

◆Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers (401 TRG, 2018/05/03)
https://401trg.com/burning-umbrella/


【インディケータ情報】

◆Winnti [攻撃組織]
https://ioc.hatenablog.com/entry/2018/05/03/000000


【関連まとめ記事】

全体まとめ
 ◆攻撃組織 / Actor (まとめ)
  ◆標的型攻撃組織 / APT (まとめ)

◆Winnti Umbrella (まとめ)
https://malware-log.hatenablog.com/entry/Winnti_Umbrella

【インディケータ情報】

■ハッシュ情報(Sha1)

512509787e4da7aaf71b89d25698a9e9d43501fd
bd3abf19f065d102503e9186c152e529d3e33143
df7826303b98004afd1102f597f6c7b067086a00
1217cbb57fb26bd52d976f34571bd6c6514265e9
e6a3b45b062d509b3382282d196efe97d5956ccb
8e400380e376b9fb03612967940bb8e07175ab6a
263babc25c177e0e6bd87c687bad8316240f971e
58e1a9c1dae311fabdfa065955216a46eecb5816
bae30b15dbb1544cf194d076b75b7bb9e3d6b760
0e34141846e7423d37f20dc0ab06c9bbd843dc24
23d57a493a5bfe1801b9d6e0894555242661a27b
8e11362a487a744fd21682cd86ad053e8bd5b9ce

(以上は 401 TRG の情報: 引用元は https://github.com/401trg/detections/blob/master/ioc/20180503_Burning_Umbrella_Area_1_indicators.csv )


■ハッシュ情報(Sha1)

12eb8a9f1a7cd1cc10e57847dd5476c6062b9e58
8df0b63fbdd9616d581bdb101929eb17f80f9e99
92a1c7e1fd5afccd957e7fcbcdd2431eb9bf3d50
a22d97e4ede82ae8375522aca59db575d08c5c35
ddf115821717dabb5e69c753d27460242204031e
5e0fa58bf1c4c1b63144052063dc2bb9129aa1f3
c3e55bd6fe0205fe7dc1ad53ed03db269ba5da71
1cc87c7c900d584400c5c82073672888fefb145e
ca2854658dff72da77bf82c1fe5899d09f9f559d
93caf237baa37cd42dfc4653ffc1792fcbad4642
aff17a2e1969e4bf81dbaa3591778887546570cb
3f3da327ca330396f1ab0a543be284f85d9d414a

(以上は 401 TRG の情報: 引用元は https://github.com/401trg/detections/blob/master/ioc/20180503_Burning_Umbrella_Area_2_indicators.csv )


■ハッシュ情報(MD5)

011858556ad3a5ef1a6bbc6ad9eaae09
027eb2cda9f1c8df00e26641ce4ef12d
045fd6e98a51a3c4e55a99bb6696f4de
04dc04a1a61769f33b234ad0f19fdc53
11898306703dcbeb1ca2cd7746384829
15ce067a4d370afae742db91646d26ee
175c7694d32191091334e20509a7b2c0
1826efb7b1a4f135785ccfc8b0e79094
19e137dc5974cfad5db62f96e3ba9fd1
1fee79f50848493f08c5e5736594dab2
218b1cd127a95a107dbaf4abe001d364
22de97c025f3cc9ad3f835d97b0a7fab
231257eb290ad0335ebf4556f156fc68
254d87bdd1f358de19ec50a3203d771a
276aaea14d125f69fe7e80e5a30180d7
285a2e9216dbf83edf5ef12ba063a511
28af0e2520713b81659c95430220d2b9
2ea30517938dda8a084aa00e5ee921f6
30498006ce28019ec4a879484d67a6b4
37bb8eacc454aa619ef35e8d82ae85bd
37c37e327a766a1b2db2fb9c934ff16e
3a9503ce79a0ac3b6f2f38163d55554d
47a69704566f37e8626bb8bb5fa784c8
485ca8d140169ebbc8e5b3d7eaed544f
48c21badebacdc9239416a9848b4855c
494bedc21836a3323f88717066150abf
50f7c822562c1213d244e1389d3895c8
527bfd801206c4b382487320ce2a245e
5919b59b61b3807b18be08a35d7c4633
5a69a3d1520260bea2c34adf3cb92c03
6103f34ec409f99762e9c3714dfa1262
6255f40b4000abad8b9e795280fddfd1
66f915ebdde2f98e2f802a52f1a4e85e
6e4846b1029fed9118bbfaa0bd66f0a9
70e41bc5daa6ff811317afef75498062
71f8fb73be84e3d5045d4cfbf7ed4f53
727dfef3918db48b9922ac75796aed55
72b1bfaf65ad9ec596860c1ea3bfb4cc
75b713b8d54403c51317679b4038a6ff
76c9bce4beb37cc8c00a05f3efafe89a
773afaa800f539ce195540e2f1882270
7c086172be6d1eed7fd65a1a4a8df59f
7d673e07393b45960e99b14bd2ebce77
8349691b6c37d9e5fa75ee6365b40bf5
840b05e6fefc3ce01bb181e0454c6bf5
88d2b57c8bf755c886b1bf30a4be87eb
8a8ee6f199438776f6842aab67fb953d
8a8f14c3513b3e14bc57a7ac111341e3
8cb10b202c47c41e1a2c11a721851654
8d20017f576fbd58cce25637d29826ca
8eabdff3d7d6bd826c109a37b10b218b
905fd186adf773404041648fec09f13e
9b06c85682f8486d665f481e56ad65c7
a445d0bfafe5947492e4044cb49eda13
a4c07dbaa8ce969fd0f347d01776d03b
a765a20055059148af311023c95b9239
a7b7b485c266605e219ea185292443c8
a9f392eee93215109b2afc0c887128dc
aaee989b391dea8163ce5a0d6f55b317
ace2ace58cc68db21c38b43a0182fc8b
b15f9a6a0d6a5e52abc7a8134f856949
b5e7832464bff54896b1d42a76760dbc
c176286e35c0629ea526e299c369dc6e
c1d4b96374cfe485179b547ebacc1ee1
c214dc7763e98f2744dd5e7a44e80bba
c3869609968c97fd27e3dc71f26d98d3
c4db0ac33c0676bd3633ac030111192c
c91efaa99a5d9c51dfe86ea286fab519
cbcff0eb404183902457332e72915d07
cd82d1dc730eb9e7e19802500417e58a
cf1d926f21bf93b958b55a43ee5317dc
d1eac0815f7244e799cf0883aab8ec3d
d3bf38bcf3a88e22eb6f5aad42f52846
d4bc7b620ab9ee2ded2ac783ad77dd6d
d73d232a9ae0e948c589148b061ccf03
db60f645e5efcb872ff843a696c6fe04
dc0fccad4972db4cf6cb85a4eabe8087
de7d2d4a6b093365013e6acf3e1d5a41
dee54d45b64fc48e35c80962fb44f73f
dfee3a4e1a137eda06e90540f3604ecb
e32dc66f1337cb8b1ed4f87a441e9457
e4192340a54d73dca73685ce999dc561
e61a40e9ddccc2412435d2f22b4227c2
e72a55235a65811e4afe31b857c5294d
eaaa0408c3cd686a30871fedf31ce241
f1059405feaaae373c59860fdec66fd0
f2449ecf637a370b6a0632a4b45cd554
f2a0df6b2a8de26d2f6e86ec46683808
f3917d618a37342eadfee90f8539b3b9
fc650a1292ade32e41d3fdc2fb7dd3f3
fcec72d588c1cdd03361a334f29c125b
fe9971fe78f3bc22c8df0553dced52ed
ff7611be7e3137708a68ea8523093419

(以上は 401 TRG の情報: 引用元は https://github.com/401trg/detections/blob/master/ioc/20180503_Burning_Umbrella_Area_6_indicators.csv )


■ハッシュ情報(MD5)

3b58e122d9e17121416b146daab4db9d
b6be3f0864354a2e68144d17c3884d3b
d848d4ec24e678727b63251e54a0a5de

(以上は 401 TRG の情報: 引用元は https://github.com/401trg/detections/blob/master/ioc/20180503_Burning_Umbrella_Area_6_indicators.csv )


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019