【ブログ】
◆ESXiArgsランサムウェア攻撃が2年前の脆弱性を悪用しているという衝撃 (Deep Instinct, 2023/02/17)
https://www.deepinstinct.com/ja/blog/no-surprise-esxiargs-ransomware-attacks-exploit-2-year-old-vulnerability
【関連まとめ記事】
◆全体まとめ
◆マルウェア / Malware (まとめ)
◆ランサムウェア (まとめ)
◆ESXiArgs (まとめ)
https://malware-log.hatenablog.com/entry/ESXiArgs
【インディケータ情報】
■ハッシュ情報(Sha256) - ESXiArgs -
73c66de7964b86b9fe32563b7d3195b87896a644c2bcdcaea74b81cb5da2a06b
773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
10c3b6b03a9bf105d264a8e7f30dcab0a6c59a414529b0af0a6bd9f1d2984459
5a9448964178a7ad3e8ac509c06762e418280c864c1d3c2c4230422df2c66722
11b1b2375d9d840912cfd1f0d0d04d93ed0cddb0ae4ddb550a5b62cd044d6b66
7f39818a30879b314ffcff70d2e196fabec60ad94551547cf0e19f6bc3055a97
773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
ee1f73140605bc1475792e4b26102caa2b2ef838590f9f73a1e4a39feda72634
e1d2d6cba7dcc0d87884e9cfdf1a5141dd7649cb8958133fb9bd0659b377ed6e
c13a5bfb4bddfb1b7ce2fa3e6ae4745566490b50b58e3ff1e57c1d1c2f696760
(以上は Deep Instinct の情報: 引用元は https://www.deepinstinct.com/ja/blog/no-surprise-esxiargs-ransomware-attacks-exploit-2-year-old-vulnerability )
| 73c66de7964b86b9fe32563b7d3195b87896a644c2bcdcaea74b81cb5da2a06b | encrypt.sh |
| 773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878 | vmtools.py |
| 10c3b6b03a9bf105d264a8e7f30dcab0a6c59a414529b0af0a6bd9f1d2984459 | encrypt.sh |
| 5a9448964178a7ad3e8ac509c06762e418280c864c1d3c2c4230422df2c66722 | encrypt.sh |
| 11b1b2375d9d840912cfd1f0d0d04d93ed0cddb0ae4ddb550a5b62cd044d6b66 | encrypt |
| 7f39818a30879b314ffcff70d2e196fabec60ad94551547cf0e19f6bc3055a97 | CVE-2021-21974.py |
| 773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878 | local.sh |
| ee1f73140605bc1475792e4b26102caa2b2ef838590f9f73a1e4a39feda72634 | Encrypt00.sh |
| e1d2d6cba7dcc0d87884e9cfdf1a5141dd7649cb8958133fb9bd0659b377ed6e | Encrypt00.sh |
| c13a5bfb4bddfb1b7ce2fa3e6ae4745566490b50b58e3ff1e57c1d1c2f696760 | Encrypt1.sh |
(以上は Deep Instinct の情報: 引用元は https://www.deepinstinct.com/ja/blog/no-surprise-esxiargs-ransomware-attacks-exploit-2-year-old-vulnerability )
【検索】
google: 73c66de7964b86b9fe32563b7d3195b87896a644c2bcdcaea74b81cb5da2a06b
google: 773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
google: 10c3b6b03a9bf105d264a8e7f30dcab0a6c59a414529b0af0a6bd9f1d2984459
google: 5a9448964178a7ad3e8ac509c06762e418280c864c1d3c2c4230422df2c66722
google: 11b1b2375d9d840912cfd1f0d0d04d93ed0cddb0ae4ddb550a5b62cd044d6b66
google: 7f39818a30879b314ffcff70d2e196fabec60ad94551547cf0e19f6bc3055a97
google: 773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
google: ee1f73140605bc1475792e4b26102caa2b2ef838590f9f73a1e4a39feda72634
google: e1d2d6cba7dcc0d87884e9cfdf1a5141dd7649cb8958133fb9bd0659b377ed6e
google: c13a5bfb4bddfb1b7ce2fa3e6ae4745566490b50b58e3ff1e57c1d1c2f696760
【VT検索】
https://www.virustotal.com/gui/file/73c66de7964b86b9fe32563b7d3195b87896a644c2bcdcaea74b81cb5da2a06b
https://www.virustotal.com/gui/file/773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
https://www.virustotal.com/gui/file/10c3b6b03a9bf105d264a8e7f30dcab0a6c59a414529b0af0a6bd9f1d2984459
https://www.virustotal.com/gui/file/5a9448964178a7ad3e8ac509c06762e418280c864c1d3c2c4230422df2c66722
https://www.virustotal.com/gui/file/11b1b2375d9d840912cfd1f0d0d04d93ed0cddb0ae4ddb550a5b62cd044d6b66
https://www.virustotal.com/gui/file/7f39818a30879b314ffcff70d2e196fabec60ad94551547cf0e19f6bc3055a97
https://www.virustotal.com/gui/file/773d147a031d8ef06ee8ec20b614a4fd9733668efeb2b05aa03e36baaf082878
https://www.virustotal.com/gui/file/ee1f73140605bc1475792e4b26102caa2b2ef838590f9f73a1e4a39feda72634
https://www.virustotal.com/gui/file/e1d2d6cba7dcc0d87884e9cfdf1a5141dd7649cb8958133fb9bd0659b377ed6e
https://www.virustotal.com/gui/file/c13a5bfb4bddfb1b7ce2fa3e6ae4745566490b50b58e3ff1e57c1d1c2f696760
