TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

FBot aka Satori Is Back With New Peculiar Obfuscation, Brute-force Techniques

【Figures and Tables】

Source: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fbot-aka-satori-is-back-with-new-peculiar-obfuscation-brute-force-techniques


【Overview】

Cipher Alphabet: MLSDFQWYXNCZRPOKGIUTABVHEJtfqomaechlynudwvjrxigkzsbp7890254163=@^$
Plain Alphabet:  ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./ -


【Blog】

◆FBot aka Satori Is Back With New Peculiar Obfuscation, Brute-force Techniques (Trendmicro, 2019/12/18)
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fbot-aka-satori-is-back-with-new-peculiar-obfuscation-brute-force-techniques


【Indicator Information】

■Hash information (SHA256) - FBot -

51e208e0003ebcf2225f0482865dd03896f759c170f0be84649f666c13e1130c

(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fbot-aka-satori-is-back-with-new-peculiar-obfuscation-brute-force-techniques )


■FQDN

Ohyaya.raiseyourdongers.pw

(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fbot-aka-satori-is-back-with-new-peculiar-obfuscation-brute-force-techniques )


■IP address/Port

5.206.227.65:7685

(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fbot-aka-satori-is-back-with-new-peculiar-obfuscation-brute-force-techniques )


【Search】

google: 51e208e0003ebcf2225f0482865dd03896f759c170f0be84649f666c13e1130c


【VT Search】

https://www.virustotal.com/gui/file/51e208e0003ebcf2225f0482865dd03896f759c170f0be84649f666c13e1130c

https://www.virustotal.com/gui/ip-address/5.206.227.65


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020