TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

Gustuff return, new features for victims

【Figures】

Source: https://blog.talosintelligence.com/2019/10/gustuffv2.html#more


【Blog】

◆Gustuff return, new features for victims (Talos(CISCO), 2019/10/21)
https://blog.talosintelligence.com/2019/10/gustuffv2.html#more


【Indicator information】

■Hash information (SHA256)


(The above is information from Talos (CISCO). Source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )



■IP addresses


(The above is information from Talos (CISCO). Source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )

■FQDN


(The above is information from Talos (CISCO). Source: https://blog.talosintelligence.com/2019/10/gustuffv2.html )


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019