2021-05-13

Ransomware Groups Use Tor-Based Backdoor for Persistent Access

【ブログ】

◆Ransomware Groups Use Tor-Based Backdoor for Persistent Access (SecureWorks, 2021/05/13)
https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access

◆Snatch (まとめ)
https://malware-log.hatenablog.com/entry/Snatch

【インディケータ情報】

■ハッシュ情報(Sha256) - -

689f01d9a58bba687da177654dedbcd5cf7e525cd51be5fe26d1946767b1fce5
fd319f0bd259ccb83fe8992b43525629594a1fd27b84c6091ed62d0fd2fe0050

(以上は SecureWorks の情報: 引用元は https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access )

■ハッシュ情報(Sha1) - -

eb47854dac531b4723e1c7c8ce65221404de95d1
046d8a6aaa060cad8c78e531d5c700ec66b0c05a

(以上は SecureWorks の情報: 引用元は https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access )

■ハッシュ情報(MD5) - -

4c84fa62a7267a2b3b62dc2059fda48b
6691b4bf79624963fb2dcb22141998a5

(以上は SecureWorks の情報: 引用元は https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access )

【検索】

google: 689f01d9a58bba687da177654dedbcd5cf7e525cd51be5fe26d1946767b1fce5
google: fd319f0bd259ccb83fe8992b43525629594a1fd27b84c6091ed62d0fd2fe0050

google: eb47854dac531b4723e1c7c8ce65221404de95d1
google: 046d8a6aaa060cad8c78e531d5c700ec66b0c05a

google: 4c84fa62a7267a2b3b62dc2059fda48b
google: 6691b4bf79624963fb2dcb22141998a5

【VT検索】

https://www.virustotal.com/gui/file/689f01d9a58bba687da177654dedbcd5cf7e525cd51be5fe26d1946767b1fce5
https://www.virustotal.com/gui/file/fd319f0bd259ccb83fe8992b43525629594a1fd27b84c6091ed62d0fd2fe0050

https://www.virustotal.com/gui/file/eb47854dac531b4723e1c7c8ce65221404de95d1
https://www.virustotal.com/gui/file/046d8a6aaa060cad8c78e531d5c700ec66b0c05a

https://www.virustotal.com/gui/file/4c84fa62a7267a2b3b62dc2059fda48b
https://www.virustotal.com/gui/file/6691b4bf79624963fb2dcb22141998a5

TT Malware Log

マルウェア / サイバー攻撃 / 解析技術に関する「個人」の調査・研究・参照ログ

Ransomware Groups Use Tor-Based Backdoor for Persistent Access