【ブログ】

◆It’s baaaack: Public cyber enemy Emotet has returned (MalwareBytes, 2020/07/17)
https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/

【関連まとめ記事】

◆全体まとめ
　◆マルウェア / Malware (まとめ)
　　◆バンキングマルウェア (まとめ)

◆Emotet (まとめ)
http://malware-log.hatenablog.com/entry/Emotet

【インディケータ情報】

■ハッシュ情報(Sha256) - Emotet Document-

5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89

(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )

■ハッシュ情報(Sha256) - Emotet Binary -

454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50

(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )

■FQDN - Emotet -

elseelektrikci[.]com
rviradeals[.]com
skenglish[.]com
packersmoversmohali[.]com
tri-comma[.]com
ramukakaonline[.]com
shubhinfoways[.]com
test2.cxyw[.]net
sustainableandorganicgarments[.]com
staging.icuskin[.]com
fivestarcleanerstx[.]com
bhandaraexpress[.]com
crm.shaayanpharma[.]com
zazabajouk[.]com
e2e-solution[.]com
topgameus[.]com
cpads[.]net
tyres2c[.]com
thesuperservice[.]com
ssuse[.]com

(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )

■IPアドレス - Emotet(C2) -

178.210.171[.]15
109.117.53[.]230
212.51.142[.]238
190.160.53[.]126

(以上は MalwareBytes の情報: 引用元は https://blog.malwarebytes.com/trojans/2020/07/long-dreaded-emotet-has-returned/ )

【検索】

google: 5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
google: 4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
google: bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
google: 6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
google: 18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
google: d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89

google: 454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
google: d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
google: 1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
google: 7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
google: f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50

【VT検索】

https://www.virustotal.com/gui/file/5d2c6110f2ea87a6b7fe9256affbac0eebdeee18081d59e05df4b4a17417492b
https://www.virustotal.com/gui/file/4fdff0ebd50d37a32eb5c3a1b2009cb9764e679d8ee95ca7551815b7e8406206
https://www.virustotal.com/gui/file/bb5602ea74258ccad36d28f6a5315d07fbeb442a02d0c91b39ca6ba0a0fe71a2
https://www.virustotal.com/gui/file/6d86e68c160b25d25765a4f1a2f8f1f032b2d5cb0d1f39d1d504eeaa69492de0
https://www.virustotal.com/gui/file/18fab1420a6a968e88909793b3d87af2e8e1e968bf7279d981276a2aa8aa678e
https://www.virustotal.com/gui/file/d5213404d4cc40494af138f8051b01ec3f1856b72de3e24f75aca8c024783e89

https://www.virustotal.com/gui/file/454d3f0170a0aa750253d4bf697f9fa21b8d93c8ca6625c935b30e4b18835374
https://www.virustotal.com/gui/file/d51073eef56acf21e741c827b161c3925d9b45f701a9598ced41893c723ace23
https://www.virustotal.com/gui/file/1368a26328c15b6d204aef2b7d493738c83fced23f6b49fd8575944b94bcfbf4
https://www.virustotal.com/gui/file/7814f49b3d58b0633ea0a2cb44def98673aad07bd99744ec415534606a9ef314
https://www.virustotal.com/gui/file/f04388ca778ec86e83bf41aa6bfa1b163f42e916d0fbab7e50eaadc8b47caa50

https://www.virustotal.com/gui/domain/elseelektrikci.com
https://www.virustotal.com/gui/domain/rviradeals.com
https://www.virustotal.com/gui/domain/skenglish.com
https://www.virustotal.com/gui/domain/packersmoversmohali.com
https://www.virustotal.com/gui/domain/tri-comma.com
https://www.virustotal.com/gui/domain/ramukakaonline.com
https://www.virustotal.com/gui/domain/shubhinfoways.com
https://www.virustotal.com/gui/domain/test2.cxyw.net
https://www.virustotal.com/gui/domain/sustainableandorganicgarments.com
https://www.virustotal.com/gui/domain/staging.icuskin.com
https://www.virustotal.com/gui/domain/fivestarcleanerstx.com
https://www.virustotal.com/gui/domain/bhandaraexpress.com
https://www.virustotal.com/gui/domain/crm.shaayanpharma.com
https://www.virustotal.com/gui/domain/zazabajouk.com
https://www.virustotal.com/gui/domain/e2e-solution.com
https://www.virustotal.com/gui/domain/topgameus.com
https://www.virustotal.com/gui/domain/cpads.net
https://www.virustotal.com/gui/domain/tyres2c.com
https://www.virustotal.com/gui/domain/thesuperservice.com
https://www.virustotal.com/gui/domain/ssuse.com

https://www.virustotal.com/gui/ip-address/178.210.171.15]
https://www.virustotal.com/gui/ip-address/109.117.53.230]
https://www.virustotal.com/gui/ip-address/212.51.142.238]
https://www.virustotal.com/gui/ip-address/190.160.53.126]