TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

Advanced targeted-attack tool confirmed to be used for spreading cryptocurrency-mining tools

【Overview】

■Malware

  • Vools


【News】

◆Advanced targeted-attack tool confirmed to be used for spreading cryptocurrency-mining tools (Trendmicro, 2019/07/11)
https://blog.trendmicro.co.jp/archives/21831


【Indicator Information】

■Hash information (SHA256) - Vools -

(The above is Trendmicro's information; source: https://blog.trendmicro.co.jp/wp-content/uploads/2019/07/IoC-targeted-attack-tool.pdf )


■URLs - Vools -

miniast[.]com:443
tenchier[.]com:443
boreye[.]com:80
boreye[.]com:53
pilutce[.]com:443

(The above is Trendmicro's information; source: https://blog.trendmicro.co.jp/wp-content/uploads/2019/07/IoC-targeted-attack-tool.pdf )


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020