APT12

【Malware Information】

◆IOCs for malware used in APT12 attacks (FireEye, 2014/10/28)
https://github.com/fireeye/iocs/blob/master/APT12/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc


Malware sample hash values

◆APT12
MD5: f6fafb7c30b1114befc93f39d0698560
SHA1: 7430743f4e6b48a334d9c8ba541cece48d44fc9c
SHA256: 7144eaf8bbec1629b600087956b0943dde7d49a5b265865b16164d06d57a9155
SHA512:
SSDEEP: 3072:EslNBID25TykosDD90kz//uRi/pp17nLn4/bxq:EUNr3zXuqp9Ox
authentihash:
imphash:
File Size: 168378 bytes
File Type: MS Word Document
Created: 2012/11/23 05:35:00
File Name: 0824.1.doc
File Path:
Exploited vulnerability: CVE-2012-0158
https://www.virustotal.com/ja/file/7144eaf8bbec1629b600087956b0943dde7d49a5b265865b16164d06d57a9155/analysis/
https://totalhash.cymru.com/analysis/?7430743f4e6b48a334d9c8ba541cece48d44fc9c
https://cryptam.com/docsearch.php?sha256=7144eaf8bbec1629b600087956b0943dde7d49a5b265865b16164d06d57a9155
http://securitybloggersnetwork.com/author/ned-moran/

◆APT12
MD5: 6e59861931fa2796ee107dc27bfdd480
SHA1: 9a8b19a954bc4e3bbea569651c4ff14d7c973692
SHA256: 3cd6ad651257f66e9a68d9c89f14666941886e4251983fe7f9bff898b435827e
SHA512:
SSDEEP: 1536:g1Tn3aHGcQJW0jFyiLdalkBEVGF8k3xL83vX4:42AjFyi5aS19J8fX
authentihash: 9c131d2dd3054c9be76acb3ff5c3310515e9afb8b635b06fe77fea6c2dd2155c
imphash: ead55ef2b18a80c00786c25211981570
File Size: 75264 bytes
File Type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Compile time: 2014/08/23 08:22:49
File Name:
File Path:
Communication destination:

References:

MD5


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2016