【図表】
出典: https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/
【ブログ】
◆Exposing initial access broker with ties to Conti (Google, 2022/03/17)
https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/
【関連まとめ記事】
◆全体まとめ
◆マルウェア / Malware (まとめ)
◆ランサムウェア (まとめ)
◆Conti (まとめ)
https://malware-log.hatenablog.com/entry/Conti
◆Bumblebee (まとめ)
https://malware-log.hatenablog.com/entry/Bumblebee
【インディケータ情報】
■ハッシュ情報(Sha256) - BazarLoader -
5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
9fdec91231fe3a709c8d4ec39e25ce8c55282167c561b14917b52701494ac269
c896ee848586dd0c61c2a821a03192a5efef1b4b4e03b48aba18eedab1b864f7
(以上は Google の情報: 引用元は https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/ )
■ハッシュ情報(Sha256) - Recent BUMBLEBEE -
9eacade8174f008c48ea57d43068dbce3d91093603db0511467c18252f60de32
6214e19836c0c3c4bc94e23d6391c45ad87fdd890f6cbd3ab078650455c31dc8
201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9
1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
01cc151149b5bf974449b00de08ce7dbf5eca77f55edd00982a959e48d017225
(以上は Google の情報: 引用元は https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/ )
■url情報 - Recent BUMBLEBEE C2 -
23.81.246[.]187:443
(以上は Google の情報: 引用元は https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/ )
■url情報 - email campaigns -
conlfex[.]com
avrobio[.]co
elemblo[.]com
phxmfg[.]co
modernmeadow[.]co
lsoplexis[.]com
craneveyor[.]us
faustel[.]us
lagauge[.]us
missionbio[.]us
richllndmetals[.]com
kvnational[.]us
prmflltration[.]com
brightlnsight[.]co
belcolnd[.]com
awsblopharma[.]com
amevida[.]us
revergy[.]us
al-ghurair[.]us
opontia[.]us
(以上は Google の情報: 引用元は https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/ )
【検索】
google: 5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
google: 9fdec91231fe3a709c8d4ec39e25ce8c55282167c561b14917b52701494ac269
google: c896ee848586dd0c61c2a821a03192a5efef1b4b4e03b48aba18eedab1b864f7
google: 9eacade8174f008c48ea57d43068dbce3d91093603db0511467c18252f60de32
google: 6214e19836c0c3c4bc94e23d6391c45ad87fdd890f6cbd3ab078650455c31dc8
google: 201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9
google: 1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
google: 01cc151149b5bf974449b00de08ce7dbf5eca77f55edd00982a959e48d017225
google: site:virustotal.com 5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
google: site:virustotal.com 9fdec91231fe3a709c8d4ec39e25ce8c55282167c561b14917b52701494ac269
google: site:virustotal.com c896ee848586dd0c61c2a821a03192a5efef1b4b4e03b48aba18eedab1b864f7
google: site:virustotal.com 9eacade8174f008c48ea57d43068dbce3d91093603db0511467c18252f60de32
google: site:virustotal.com 6214e19836c0c3c4bc94e23d6391c45ad87fdd890f6cbd3ab078650455c31dc8
google: site:virustotal.com 201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9
google: site:virustotal.com 1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
google: site:virustotal.com 01cc151149b5bf974449b00de08ce7dbf5eca77f55edd00982a959e48d017225
【VT検索】
https://www.virustotal.com/gui/file/5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
https://www.virustotal.com/gui/file/9fdec91231fe3a709c8d4ec39e25ce8c55282167c561b14917b52701494ac269
https://www.virustotal.com/gui/file/c896ee848586dd0c61c2a821a03192a5efef1b4b4e03b48aba18eedab1b864f7
https://www.virustotal.com/gui/file/9eacade8174f008c48ea57d43068dbce3d91093603db0511467c18252f60de32
https://www.virustotal.com/gui/file/6214e19836c0c3c4bc94e23d6391c45ad87fdd890f6cbd3ab078650455c31dc8
https://www.virustotal.com/gui/file/201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9
https://www.virustotal.com/gui/file/1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
https://www.virustotal.com/gui/file/01cc151149b5bf974449b00de08ce7dbf5eca77f55edd00982a959e48d017225
