TT Malware Log

A personal investigation, research, and reference log on malware, cyber attacks, and analysis techniques

Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware

【Blog】

◆Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware (FireEye, 2019/04/05)
https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html


【Related summary articles】

Overall summary
 ◆Attack groups / Actor (summary)
  ◆Cybercrime groups (summary)

◆Fin6 (summary)
https://malware-log.hatenablog.com/entry/Fin6


【Indicator information】

■Hash information (MD5)


(The information in this section is from FireEye; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )


■IP addresses


(The information in this section is from FireEye; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )


■URL


(The information in this section is from FireEye; source: https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html )


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020