TT Malware Log

A personal research, study, and reference log on malware, cyber attacks, and analysis techniques

TA542 / Mummy Spider (Summary)

==【Table of Contents】==

Overview

【Aliases】
Alias | Naming organization
TA542 | Proofpoint
Mummy Spider | CrowdStrike

【Overview】
  • Conducts attacks using Emotet

【Dictionary】

◆MUMMY SPIDER (Malpedia)
https://malpedia.caad.fkie.fraunhofer.de/actor/mummy_spider

Articles

【Blogs】

◆Deep Analysis of New Emotet Variant – Part 1 (Fortinet, 2017/05/03)
https://www.fortinet.com/blog/threat-research/deep-analysis-of-new-emotet-variant-part-1.html
https://malware-log.hatenablog.com/entry/2017/05/03/000000_3

◆EMOTET Returns, Starts Spreading via Spam Botnet (Trendmicro, 2017/09/07 09:10)
https://blog.trendmicro.com/trendlabs-security-intelligence/emotet-returns-starts-spreading-via-spam-botnet/
https://malware-log.hatenablog.com/entry/2017/05/03/000000_3

◆Meet CrowdStrike’s Adversary of the Month for February: MUMMY SPIDER (CrowdStrike, 2018/02/08)
https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-february-mummy-spider/
https://malware-log.hatenablog.com/entry/2018/02/08/000000_3

◆Threat Actor Profile: TA542, From Banker to Malware Distribution Service (Proofpoint, 2019/05/15)
https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta542-banker-malware-distribution-service
https://malware-log.hatenablog.com/entry/2019/05/15/000000_18

◆URLZone Becomes the Top Malware in Japan, While Emotet and LINE Phishing Also Expand (Proofpoint, 2019/06/19)
https://www.proofpoint.com/jp/threat-insight/post/urlzone-top-malware-japan-while-emotet-and-line-phishing-round-out-landscape-0
https://malware-log.hatenablog.com/entry/2019/06/19/000000_8


【Figures】

[Figure] Indexed volume of email messages containing Emotet, TA542’s signature payload (from 5/1/17-5/1/19)
[Figure] Timeline of major milestones in TA542 activity
Source: https://hackernews.blog/2019/05/15/threat-actor-profile-ta542-from-banker-to-malware-distribution-service/


【Twitter】

◆ta542
https://twitter.com/hashtag/ta542

Related Information

【Related Summary Articles】

Overall summary
 ◆Attack Groups / Actor (Summary)

◆Cybercrime Organizations (Summary)
https://malware-log.hatenablog.com/entry/Cybercrime


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020