TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

Woody RAT: A new feature-rich malware spotted in the wild

【Figures】


Woody Rat distribution methods

Document lure
Source: https://www.malwarebytes.com/blog/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild


【Blog】

◆Woody RAT: A new feature-rich malware spotted in the wild (Malwarebytes, 2022/08/03)
https://www.malwarebytes.com/blog/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild


【Related summary articles】

Overall summary
 ◆Malware (summary)
  ◆Trojan horses (summary)

◆Woody RAT (summary)
https://malware-log.hatenablog.com/entry/Woody_RAT


【Indicator information】

■Hash information (SHA256) - WoodyRat -
(Information from Malwarebytes; source: https://www.malwarebytes.com/blog/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild )


■FQDN information - C2 -

kurmakata.duckdns[.]org
microsoft-ru-data[.]ru
194.36.189.179
microsoft-telemetry[.]ru
oakrussia[.]ru

(The above is information from Malwarebytes; source: https://www.malwarebytes.com/blog/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild )


【Search】

google: Woody RAT
google:news: Woody RAT



■Bing

https://www.bing.com/search?q=Woody%20RAT
https://www.bing.com/news/search?q=Woody%20RAT


■Twitter

https://twitter.com/search?q=%23Woody%20RAT


【VT search】

https://www.virustotal.com/gui/domain/kurmakata.duckdns.org
https://www.virustotal.com/gui/domain/microsoft-ru-data.ru
https://www.virustotal.com/gui/domain/microsoft-telemetry.ru
https://www.virustotal.com/gui/domain/oakrussia.ru

https://www.virustotal.com/gui/ip-address/194.36.189.179


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023