TT Malware Log

A "personal" investigation, research and reference log on malware / cyber attacks / analysis techniques

Malware Analysis Report (AR20-045G) MAR-10135536-8.v4 – North Korean Trojan: HOPLIGHT

【Public information】

◆Malware Analysis Report (AR20-045G) MAR-10135536-8.v4 – North Korean Trojan: HOPLIGHT (CISA, 2020/02/14)
https://www.us-cert.gov/ncas/analysis-reports/ar20-045g


【Indicator information】

■Hash information (SHA256) - Hoplight -
(The above is information from CISA; source: https://www.us-cert.gov/ncas/analysis-reports/ar20-045g )


■Hash information (MD5) - Hoplight -


(The above is information from CISA; source: https://www.us-cert.gov/ncas/analysis-reports/ar20-045g )


■IP addresses - Hoplight -



【Search】



【VT search】



Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020