【概要】
| 項目 | 内容 |
|---|---|
| MD5 | 83e1ca89bcd55a87f826bc6901ff7f3e |
| SHA-1 | d0db4d232331234f0c430008a4320c0dea993c20 |
| SHA-256 | 4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b |
| Vhash | 055076655d551d15556068z5dhz13z2fz |
| Authentihash | 06c5529542c2879ca08c10ba0daec99afd0a19723d5c3590c36f84d91e70b99b |
| Imphash | b5e8bd2552848bb7bf2f28228d014742 |
| Magic bytes | 4D 5A 90 00 03 00 00 |
| SSDEEP | 12288:HDMUibBYoo+OeO+OeNhBBhhBB7TRU+FR+q1mITXijBs0Fa:jMUiFTTRU+3+qAILOj |
| File size | 500.00 KB (512000 bytes) |
| File type | PE32 executable Win32 EXE |
【ブログ】
◆Cynet Ransomware Report: Mespinoza (Cynet, 2021/07/05)
[Cynet社のランサムウェアのレポートです]Ransomware: Mespinoza / PYSA
Ransomnote: Readme.txthttps://www.cynet.com/attack-techniques-hands-on/cynet-ransomware-report-mespinoza/
【検索】
google: 83e1ca89bcd55a87f826bc6901ff7f3e
google: d0db4d232331234f0c430008a4320c0dea993c20
google: 4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
google:news: 83e1ca89bcd55a87f826bc6901ff7f3e
google:news: d0db4d232331234f0c430008a4320c0dea993c20
google:news: 4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
【VT検索】
https://www.virustotal.com/gui/file/83e1ca89bcd55a87f826bc6901ff7f3e
https://www.virustotal.com/gui/file/0db4d232331234f0c430008a4320c0dea993c20
https://www.virustotal.com/gui/file/4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
【リークサイト】
Wqmfzni2nvbbpk25.onion
【関連まとめ記事】
◆全体まとめ
◆マルウェア / Malware (まとめ)
◆ランサムウェア (まとめ)
◆Mespinoza / PYSA (まとめ)
https://malware-log.hatenablog.com/entry/Mespinoza
◆二重恐喝 (まとめ)
https://malware-log.hatenablog.com/entry/Double_extortion
【インディケータ情報】
■ハッシュ情報(Sha256) - -
4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
8b4b233e87c61c8698e086b376da640c9ab2ecd71c58b1f6a2eceb60b7e1a691
f0939ebfda6b30a330a00c57497038a54da359e316e0d6e6e71871fd50fec16a
1e2009549452ed6b524b94ed683079ee60c2b9542b1bfd5b9ee42e9161d5e7c8
48355bd2a57d92e017bdada911a4b31aa7225c0b12231c9cbda6717616abaea3
0f0014669bc10a7d87472cafc05301c66516857607b920ddeb3039f4cb8f0a50
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
61bb42fe06b3511d512af33ef59baa295b29bd62eb4d0bf28639c7910a65e4ae
425945a93beb160f101d51de36363d1e7ebc45279987c3eaf5e7f183ed0a3776
a18c85399cd1ec3f1ec85cd66ff2e97a0dcf7ccb17ecf697a5376da8eda4d327
5510ae74b7e2a10fdafa577dc278612f7796b0252b7d1438615e26c49e1fc560
1a0ff707938a1399e23af000567806a87fff9b8789ae43badb4d28d4bef1fb81
b1381635c936e8de92cfa26938c80a359904c1d709ef11ee286ba875cfb7b330
(以上は Cynet の情報: 引用元は https://www.cynet.com/attack-techniques-hands-on/cynet-ransomware-report-mespinoza/ )
【検索】
google: 4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
google: 8b4b233e87c61c8698e086b376da640c9ab2ecd71c58b1f6a2eceb60b7e1a691
google: f0939ebfda6b30a330a00c57497038a54da359e316e0d6e6e71871fd50fec16a
google: 1e2009549452ed6b524b94ed683079ee60c2b9542b1bfd5b9ee42e9161d5e7c8
google: 48355bd2a57d92e017bdada911a4b31aa7225c0b12231c9cbda6717616abaea3
google: 0f0014669bc10a7d87472cafc05301c66516857607b920ddeb3039f4cb8f0a50
google: e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
google: 61bb42fe06b3511d512af33ef59baa295b29bd62eb4d0bf28639c7910a65e4ae
google: 425945a93beb160f101d51de36363d1e7ebc45279987c3eaf5e7f183ed0a3776
google: a18c85399cd1ec3f1ec85cd66ff2e97a0dcf7ccb17ecf697a5376da8eda4d327
google: 5510ae74b7e2a10fdafa577dc278612f7796b0252b7d1438615e26c49e1fc560
google: 1a0ff707938a1399e23af000567806a87fff9b8789ae43badb4d28d4bef1fb81
google: b1381635c936e8de92cfa26938c80a359904c1d709ef11ee286ba875cfb7b330
【VT検索】
https://www.virustotal.com/gui/file/4dc802894c45ec4d119d002a7569be6c99a9bba732d0057364da9350f9d3659b
https://www.virustotal.com/gui/file/8b4b233e87c61c8698e086b376da640c9ab2ecd71c58b1f6a2eceb60b7e1a691
https://www.virustotal.com/gui/file/f0939ebfda6b30a330a00c57497038a54da359e316e0d6e6e71871fd50fec16a
https://www.virustotal.com/gui/file/1e2009549452ed6b524b94ed683079ee60c2b9542b1bfd5b9ee42e9161d5e7c8
https://www.virustotal.com/gui/file/48355bd2a57d92e017bdada911a4b31aa7225c0b12231c9cbda6717616abaea3
https://www.virustotal.com/gui/file/0f0014669bc10a7d87472cafc05301c66516857607b920ddeb3039f4cb8f0a50
https://www.virustotal.com/gui/file/e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
https://www.virustotal.com/gui/file/61bb42fe06b3511d512af33ef59baa295b29bd62eb4d0bf28639c7910a65e4ae
https://www.virustotal.com/gui/file/425945a93beb160f101d51de36363d1e7ebc45279987c3eaf5e7f183ed0a3776
https://www.virustotal.com/gui/file/a18c85399cd1ec3f1ec85cd66ff2e97a0dcf7ccb17ecf697a5376da8eda4d327
https://www.virustotal.com/gui/file/5510ae74b7e2a10fdafa577dc278612f7796b0252b7d1438615e26c49e1fc560
https://www.virustotal.com/gui/file/1a0ff707938a1399e23af000567806a87fff9b8789ae43badb4d28d4bef1fb81
https://www.virustotal.com/gui/file/b1381635c936e8de92cfa26938c80a359904c1d709ef11ee286ba875cfb7b330
