TT Malware Log

A "personal" investigation, research and reference log on malware / cyber attacks / analysis techniques

ASUS Supply-Chain Attack: A Technical Look Inside

【Blog】

◆ASUS Supply-Chain Attack: A Technical Look Inside (TeamT5, 2019/03/28)
https://teamt5.org/resource/newsroom/2019/03/28/another-supply-chain-attack-asus-software-updates-was-hacked.html


【Indicator Information】

■Hash information (MD5)


■URL(Download Link)

hxxp://liveupdate01.asus[.]com/pub/ASUS/nb/Apps_for_Win8/LiveUpdate/Liveupdate_Test_VER365.zip
hxxps://liveupdate01s.asus[.]com/pub/ASUS/nb/Apps_for_Win8/LiveUpdate/Liveupdate_Test_VER362.zip
hxxps://liveupdate01s.asus[.]com/pub/ASUS/nb/Apps_for_Win8/LiveUpdate/Liveupdate_Test_VER360.zip
hxxps://liveupdate01s.asus[.]com/pub/ASUS/nb/Apps_for_Win8/LiveUpdate/Liveupdate_Test_VER359.zip


■FQDN(C&C)

asushotfix[.]com
simplexoj[.]com
homeabcd[.]com


■IP addresses (C&C)

35.154.92[.]115
141.105.71[.]116


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020