【Blog】
◆New Variant of Paradise Ransomware Spreads Through IQY Files (Trendmicro, 2020/03/18)
https://www.trendmicro.com/vinfo/au/security/news/cybercrime-and-digital-threats/new-variant-of-paradise-ransomware-spreads-through-iqy-files
【IoC information】
◆iqy malware (IoC (TT Malware Log))
https://ioc.hatenablog.com/entry/2020/03/18/000000_1
◆TrickBot (IoC (TT Malware Log))
https://ioc.hatenablog.com/entry/2020/03/18/000000
◆Paradise (IoC (TT Malware Log))
https://ioc.hatenablog.com/entry/2020/03/18/000000_2
【Related summary articles】
◆Overall summary
◆Malware (summary)
◆Ransomware (summary)
◆Paradise (summary)
https://malware-log.hatenablog.com/entry/Paradise
【Indicator information】
■Hash information (SHA256) - Trickbot -
8a358b38c45628209e6f12264ed646ab3075ecefd273090acdc8497360b5d3d1
(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/au/security/news/cybercrime-and-digital-threats/new-variant-of-paradise-ransomware-spreads-through-iqy-files )
■Hash information (SHA256) - (Maliqy) -
8c985fd851f06d726709024eacd51b67ea268c5fee822cfa1460f581e7e38636
(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/au/security/news/cybercrime-and-digital-threats/new-variant-of-paradise-ransomware-spreads-through-iqy-files )
■Hash information (SHA256) - Paradise -
c12b75f4b1bfcf41c45666f9a3801b735653c7ea61d14c3b700e60c035f55b32
(The above is information from Trendmicro; source: https://www.trendmicro.com/vinfo/au/security/news/cybercrime-and-digital-threats/new-variant-of-paradise-ransomware-spreads-through-iqy-files )
■URL
hxxp://ocean-v[.]com/wp-content/1.txt
hxxp://ocean-v[.]com/wp-content/1.exe
hxxps://ugajin[.]net/wp-content/upgrade/upd.txt
hxxps://ugajin[.]net/wp-content/upgrade/key.exe
hxxps://iplogger[.]org/1AsWy7
hxxp://prt-recovery[.]support/chat/25-decryptor