TT Malware Log

A personal investigation, research and reference log on malware / cyber attacks / analysis techniques / threat actors

FamousSparrow: A suspicious hotel guest — Indicators of Compromise

【Public information】

◆FamousSparrow: A suspicious hotel guest — Indicators of Compromise (ESET, 2021/09/23)
https://github.com/eset/malware-ioc/tree/master/famoussparrow


【Indicator information】

■Hash information (SHA-1) - FamousSparrow-related -

B9601E60F87545441BF8579B2F62668C56507F4A
4DF896624695EA2780552E9EA3C40661DC84EFC8
76C430B55F180A85F4E1A1E40E4A2EA37DB97599
873F98CAF234C3A8A9DB18343DAD7B42117E85D4
FDC44057E87D7C350E6DF84BB72541236A770BA2
C36ECD2E0F38294E1290F4B9B36F602167E33614
BB2F5B573AC7A761015DAAD0B7FF03B294DC60F6
23E228D5603B4802398B2E7419187AEF71FF9DD5
2560B7E28B322BB7A56D0B1DA1B2652E1EFE76EA
E2B0851E2E281CC7BCA3D6D9B2FA0C4B7AC5A02B

(The above is ESET data; source: https://github.com/eset/malware-ioc/tree/master/famoussparrow )

SHA-1 hash                                 ESET detection name          Description
B9601E60F87545441BF8579B2F62668C56507F4A   Win64/Riskware.Mimikatz.H    Mimikatz
4DF896624695EA2780552E9EA3C40661DC84EFC8   Win64/Riskware.Mimikatz.H    Mimikatz
76C430B55F180A85F4E1A1E40E4A2EA37DB97599   Win64/Kryptik.BSQ            Lsass dumper
873F98CAF234C3A8A9DB18343DAD7B42117E85D4   Win32/NetTool.Nbtscan.A      Nbtscan
FDC44057E87D7C350E6DF84BB72541236A770BA2   Win32/FamousSparrow.A        Dropper
C36ECD2E0F38294E1290F4B9B36F602167E33614   -                            Legitimate K7 Computing binary
BB2F5B573AC7A761015DAAD0B7FF03B294DC60F6   Win32/FamousSparrow.A        Loader
23E228D5603B4802398B2E7419187AEF71FF9DD5   -                            Encrypted shellcode
2560B7E28B322BB7A56D0B1DA1B2652E1EFE76EA   -                            Decrypted shellcode
E2B0851E2E281CC7BCA3D6D9B2FA0C4B7AC5A02B   Win32/FamousSparrow.B        Loader

(The above is ESET data; source: https://github.com/eset/malware-ioc/tree/master/famoussparrow )
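The table above is most useful when it can be matched mechanically against file hashes collected from hosts or exported from an EDR. The following script is an added example written for this log entry; it is not code from ESET or from the malware-ioc repository. It embeds the ESET table verbatim, parses it into a lookup keyed by SHA-1, and then (a) matches a list of hashes and (b) hashes every file under a directory and reports matches. The sample hash list and the temporary file it scans are constructed for the demonstration and are not real telemetry.

```python
"""Match SHA-1 hashes and files against the ESET FamousSparrow IOC table."""
import hashlib
import os
import tempfile
from pathlib import Path

# Copied from the ESET malware-ioc famoussparrow table reproduced above.
# Columns: SHA-1, ESET detection name ("-" if ESET lists none), description.
ESET_IOC_TABLE = """\
B9601E60F87545441BF8579B2F62668C56507F4A Win64/Riskware.Mimikatz.H Mimikatz
4DF896624695EA2780552E9EA3C40661DC84EFC8 Win64/Riskware.Mimikatz.H Mimikatz
76C430B55F180A85F4E1A1E40E4A2EA37DB97599 Win64/Kryptik.BSQ Lsass dumper
873F98CAF234C3A8A9DB18343DAD7B42117E85D4 Win32/NetTool.Nbtscan.A Nbtscan
FDC44057E87D7C350E6DF84BB72541236A770BA2 Win32/FamousSparrow.A Dropper
C36ECD2E0F38294E1290F4B9B36F602167E33614 - Legitimate K7 Computing binary
BB2F5B573AC7A761015DAAD0B7FF03B294DC60F6 Win32/FamousSparrow.A Loader
23E228D5603B4802398B2E7419187AEF71FF9DD5 - Encrypted shellcode
2560B7E28B322BB7A56D0B1DA1B2652E1EFE76EA - Decrypted shellcode
E2B0851E2E281CC7BCA3D6D9B2FA0C4B7AC5A02B Win32/FamousSparrow.B Loader
"""

HEX_DIGITS = set("0123456789ABCDEF")


def parse_ioc_table(text):
    """Parse 'SHA1 DETECTION DESCRIPTION...' lines into {sha1: (detection, description)}.

    Hashes are normalised to upper case so lookups are case-insensitive;
    a detection of '-' is stored as None. Malformed hashes raise ValueError
    rather than being silently dropped, so a corrupted copy of the table is noticed.
    """
    iocs = {}
    for line in text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) < 3:
            continue  # blank or incomplete line
        sha1, detection, description = parts
        sha1 = sha1.upper()
        if len(sha1) != 40 or not set(sha1) <= HEX_DIGITS:
            raise ValueError(f"not a SHA-1 hex digest: {sha1}")
        iocs[sha1] = (None if detection == "-" else detection, description)
    return iocs


def match_hashes(hashes, iocs):
    """Return {sha1: (detection, description)} for every input hash present in iocs."""
    return {h.upper(): iocs[h.upper()] for h in hashes if h.upper() in iocs}


def sha1_of_file(path, chunk_size=1 << 20):
    """SHA-1 of a file, read in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest().upper()


def scan_directory(root, iocs):
    """Hash every file under root; return [(path, sha1, detection, description)] for IOC hits."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                digest = sha1_of_file(path)
            except OSError:
                continue  # unreadable file (permissions, vanished); skip rather than abort the scan
            if digest in iocs:
                detection, description = iocs[digest]
                hits.append((path, digest, detection, description))
    return hits


# Constructed sample input (not real telemetry): two table entries in mixed case
# plus the SHA-1 of the empty file, which is not an IOC.
SAMPLE_EDR_HASHES = [
    "fdc44057e87d7c350e6df84bb72541236a770ba2",  # Win32/FamousSparrow.A dropper
    "C36ECD2E0F38294E1290F4B9B36F602167E33614",  # legitimate K7 Computing binary, no ESET detection name
    "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709",  # SHA-1 of an empty file
]


def demo():
    iocs = parse_ioc_table(ESET_IOC_TABLE)
    hits = match_hashes(SAMPLE_EDR_HASHES, iocs)
    for sha1, (detection, description) in hits.items():
        print(f"{sha1}  {detection or '(no ESET detection)'}  {description}")
    with tempfile.TemporaryDirectory() as tmp:  # constructed directory containing only an empty file
        Path(tmp, "empty.bin").write_bytes(b"")
        print("directory hits:", scan_directory(tmp, iocs))
    return hits


if __name__ == "__main__":
    demo()
```

Note the entry with no detection name: a hit on the legitimate K7 Computing binary alone is not evidence of compromise, since the table only says the file is a legitimate binary observed alongside the tooling. Treat such a hit as a prompt to look for the dropper, loader or shellcode entries on the same host.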


■URL information - none recorded -


【Search】

google: FamousSparrow
google:news: FamousSparrow

google: B9601E60F87545441BF8579B2F62668C56507F4A
google: 4DF896624695EA2780552E9EA3C40661DC84EFC8
google: 76C430B55F180A85F4E1A1E40E4A2EA37DB97599
google: 873F98CAF234C3A8A9DB18343DAD7B42117E85D4
google: FDC44057E87D7C350E6DF84BB72541236A770BA2
google: C36ECD2E0F38294E1290F4B9B36F602167E33614
google: BB2F5B573AC7A761015DAAD0B7FF03B294DC60F6
google: 23E228D5603B4802398B2E7419187AEF71FF9DD5
google: 2560B7E28B322BB7A56D0B1DA1B2652E1EFE76EA
google: E2B0851E2E281CC7BCA3D6D9B2FA0C4B7AC5A02B


【VirusTotal search】

https://www.virustotal.com/gui/file/B9601E60F87545441BF8579B2F62668C56507F4A
https://www.virustotal.com/gui/file/4DF896624695EA2780552E9EA3C40661DC84EFC8
https://www.virustotal.com/gui/file/76C430B55F180A85F4E1A1E40E4A2EA37DB97599
https://www.virustotal.com/gui/file/873F98CAF234C3A8A9DB18343DAD7B42117E85D4
https://www.virustotal.com/gui/file/FDC44057E87D7C350E6DF84BB72541236A770BA2
https://www.virustotal.com/gui/file/C36ECD2E0F38294E1290F4B9B36F602167E33614
https://www.virustotal.com/gui/file/BB2F5B573AC7A761015DAAD0B7FF03B294DC60F6
https://www.virustotal.com/gui/file/23E228D5603B4802398B2E7419187AEF71FF9DD5
https://www.virustotal.com/gui/file/2560B7E28B322BB7A56D0B1DA1B2652E1EFE76EA
https://www.virustotal.com/gui/file/E2B0851E2E281CC7BCA3D6D9B2FA0C4B7AC5A02B


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023