June 15, 2022, Macnica, Inc. (株式会社マクニカ) / TeamT5
Common Information
Type Value
UUID 187808d4-01b1-47c6-be57-03338cc72912
Fingerprint d579159043b11a0daf027910ea202a177288096c0407ca013da072c41d64a7a9
Analysis status DONE
Considered CTI value 2
Text language
Published June 9, 2022, 4:09 p.m.
Added to db March 11, 2024, 7:32 p.m.
Last updated Aug. 31, 2024, 4:02 a.m.
Headline June 15, 2022, Macnica, Inc. (株式会社マクニカ) / TeamT5
Title June 15, 2022, Macnica, Inc. (株式会社マクニカ) / TeamT5
Detected Hints/Tags/Attributes 107/3/158
Attributes
Details Type #Events (indicator value on the following line; the CTI Value column is not populated in this export)
Details CVE 7
CVE-2021-41987
Details CVE 1
CVE-2021-36472
Details Domain 15
www.macnica.co.jp
Details Domain 71
blogs.jpcert.or.jp
Details Domain 18
blog.trendmicro.co.jp
Details Domain 46
jsac.jpcert.or.jp
Details Domain 20
insight-jp.nttsecurity.com
Details Domain 403
securelist.com
Details Domain 1
centos.onthewifi.com
Details Domain 1373
twitter.com
Details Domain 17
vblocalhost.com
Details Domain 1
www.update.com.live-symantec.com
Details Domain 1
pullnews.postserv.zzux.com
Details Domain 1
update.helps.zyns.com
Details Domain 1
client.dnsiskinky.com
Details Domain 2
bluehexagon.ai
Details Domain 20
www.seqrite.com
Details Domain 1
exmail.sytes.net
Details Domain 128
www.fbi.gov
Details Domain 360
attack.mitre.org
Details Domain 281
docs.microsoft.com
Details Domain 11
detect-respond.blogspot.com
Details Domain 6
www.dvdsesso.com
Details Domain 2
org.misecure.com
Details Domain 1
manager-server.lflink.com
Details Domain 1
office-service.ftpserver.biz
Details Domain 1
zdx.mefound.com
Details File 6
mpressioncss_ta_report_2020_5.pdf
Details File 4
jsac2021_202_niwa-yanagishita_jp.pdf
Details File 2
jsac2022_9_yanagishita-tamada-nakatsuru-ishimaru_jp.pdf
Details File 1
vpsps.dll (detected in a public malware repository)
Details File 1
线路信息.xlsm (lure filename: "Route information")
Details File 816
index.html
Details File 1
iexploer.exe (fragment; the preceding Japanese text, "…via the interface", was cut off; the misspelled name is kept as extracted)
Details File 1
2021-10工资中公积金问题咨询.xlsm (lure filename: "Inquiry about housing-fund issues in the October 2021 salary")
Details File 1
sfsdll32.dll (the DLL used as the base for the side-loading technique)
Details File 11
k7sysmn1.dll
Details File 4
vb2021-50.pdf
Details File 6
gh0sttimes.html
Details File 2
mpressioncss_ta_report_2019_4.pdf
Details File 1
chtime.exe
Details File 2
sesvc.exe
Details File 2
bluehexagon.ai
Details File 20
setup.msi
Details File 1
browser-up.exe
Details File 1
pfxg.bin
Details File 3
k7sysmon.exe (legitimate file)
Details File 3
k7sysmn1.dll (loaded by the legitimate k7sysmon.exe)
Details File 7
the-pyramid-of-pain.html
Details File 258
robots.txt
Details File 1
问题咨询.xlsm (fragment, "…issue inquiry"; tail of a lure filename)
Details File 1
权限问题_2021_docx.exe (lure filename: "Permission issue"; double-extension executable)
Details File 1
_20211103_docx.exe
Details File 1
俞通才周报1025-1031.xlsm (lure filename: "Yu Tongcai weekly report 10/25 to 10/31")
Details File 1
料20211028_xlsx.exe (filename fragment; leading characters cut off; double-extension executable)
Details md5 1
8c3df0e4d7ff0578d143785342a8033f
Details md5 1
b6e76ce9f61c2ea14c402f45a76ab118
Details sha256 3
f142eecf2defc53a310b3b00ae39ffecc1c345527fdfbfea8ccccd0d69276b41
Details sha256 3
fde82dcccd471b63f511c6f76dc04e12334818cda8b38f5048b8ad85c9357089
Details sha256 1
8fe30890f359b8d6e61738265cb5b6d992fc2dc64089d598e8bead3779208887
Details sha256 1
ee6ed35568c43fbb5fd510bc863742216bba54146c6ab5f17d9bfd6eacd0f796
Details sha256 1
ae684ffdcd999fd62dcdeb511d0d597a98e0836d57edaa59901da067a7f41576
Details sha256 1
0911e5d1ec48430ff9a863f5c4a38f0c71872d8bd6c89f07d6ae16d78eca162f
Details sha256 3
733b4d5174669caab2bbcc9bfe51606a13346b70af59fccea4f479d1fde7b5d7
Details sha256 2
d196969b35966462fa03ef857e375e9d6172b34053b115df04cefa3d673b9d85
Details sha256 1
be5dc0d38251a54350c462a7f4a6c70028ee05c01bde5c1974342893bf12ba5e
Details sha256 2
90406d0fc975f342f0e20b49e7946e891392eb06bfc8cc5f3b9b8c86b7c1b17a
Details sha256 1
c604f7be88bff6fb3d88e53121fb0e247be1e6297eb43cf3bf731c2cdee90594
Details sha256 2
1e25116f33f7248e4549cb15fb20bd5d9f87cc7424e6592e565d66095ec2b647
Details sha256 2
8bdfc1ed5bfec964050a42a0f1ddd8709fcf14fab1ede151c5a7161be904cd96
Details sha256 3
2169d93f344e3f353444557b9009aef27f1b0a0a8aa3d947b5b8f0b36ef20672
Details sha256 3
d75537d59954ec3cc092378f00b16b6c9935590ef1074cb308e1ed65e922762c
Details sha256 3
1dbf67d7dadba5505073aaf3e4478dd295b074bddf10ac5ac7b80d7fc14bea63
Details sha256 3
fc602ebcf5f9697bedae0e641adfc16985058212f7b9e69dad0f1bf53daf93f9
Details sha256 3
978ba248c02eb9c130c1459b767527f8a3a9714c6686c12432e027da56f6c553
Details sha256 3
dab7d79644453a7ca61b9b585c1081167dbe5df0da398df2458c1081295f68e6
Details sha256 3
50cf6841cbc0ce395a23b9a4d2ddac77b11a376929878717e90c9a7430feddc3
Details sha256 3
88efbc6e883336a0b910b7bcf0ef5c2172d913371db511a59a4a525811173bf1
Details sha256 3
e764f26c3e5bf8467da51fbb33c3d80f026b8fe5bd5a6b84318b3f0aedb667cd
Details sha256 2
ba27ae12e6f3c2c87fd2478072dfa2747d368a507c69cd90b653c9e707254a1d
Details sha256 2
e197c583f57e6c560b576278233e3ab050e38aa9424a5d95b172de66f9cfe970
Details sha256 2
54e6ea47eb04634d3e87fd7787e2136ccfbcc80ade34f246a12cf93bab527f6b
Details sha256 2
c2b23689ca1c57f7b7b0c2fd95bfef326d6a22c15089d35d31119b104978038b
Details sha256 1
42416e73ebc0b776c726e6075fa73bb418f24b53b0b2086141a2aba22301ec6a
Details sha256 1
5b2c25873fd873e4cce18afc32b0a2a31ab2c11bed515ef5f671ef5c9fbe86ab
Details sha256 1
13c19132f7c0c2c02f4070eca9367bdf8ab2bf59c5993c6e853584ac215857c7
Details sha256 2
92c75df382218e7743359aa83b403e443550e766c8474a59c9dcbd4903a4bf02
Details sha256 1
dc095fa5f5dca649eaeb7dac01be794938508e01cf417fe881a23dd7467dda3b
Details sha256 1
935e61aba8df5f6e80e001af0fa9c6a50c2cf50f4068e9dd4277f2cd1297d95c
Details sha256 1
1d956f5e1e051b58752ab88ce30fbbc229f4f466e7c410f433a386ac21619d74
Details IPv4 2
139.162.87.180
Details IPv4 1
172.104.109.217
Details IPv4 1
45.77.227.248
Details IPv4 3
172.104.78.44
Details IPv4 3
108.61.201.135
Details IPv4 3
139.162.112.40
Details IPv4 1
91.0.86.59
Details IPv4 5
172.105.223.216
Details IPv4 5
45.77.28.124
Details IPv4 1
45.117.102.197
Details MITRE ATT&CK Techniques 310
T1566.001
Details MITRE ATT&CK Techniques 365
T1204.002
Details MITRE ATT&CK Techniques 380
T1547.001
Details MITRE ATT&CK Techniques 119
T1218.011
Details MITRE ATT&CK Techniques 442
T1071.001
Details MITRE ATT&CK Techniques 191
T1133
Details MITRE ATT&CK Techniques 460
T1059.001
Details MITRE ATT&CK Techniques 310
T1047
Details MITRE ATT&CK Techniques 275
T1053.005
Details MITRE ATT&CK Techniques 104
T1505.003
Details MITRE ATT&CK Techniques 141
T1518.001
Details MITRE ATT&CK Techniques 70
T1574.001
Details MITRE ATT&CK Techniques 504
T1140
Details MITRE ATT&CK Techniques 92
T1070.001
Details MITRE ATT&CK Techniques 43
T1003.002
Details MITRE ATT&CK Techniques 67
T1003.003
Details MITRE ATT&CK Techniques 99
T1087.002
Details MITRE ATT&CK Techniques 124
T1482
Details MITRE ATT&CK Techniques 160
T1021.001
Details MITRE ATT&CK Techniques 116
T1560.001
Details MITRE ATT&CK Techniques 542
T1190
Details Pdb 1
c:\users\tsai\desktop\20180522windows_tro\btswindows\serverx86.pdb
Details Pdb 1
c:\users\tsai\desktop\20180522windows_tro\btswindows\serverx64.pdb
Details Pdb 1
c:\users\amiko\desktop\spider-rat\client\sample1\x64\release\sample1.pdb
Details Threat Actor Identifier - APT 278
APT10
Details Threat Actor Identifier - APT 144
APT38
Details Url 6
https://www.macnica.co.jp/business/security/manufacturers/files/mpressioncss_ta_report_2020_5.pdf
Details Url 3
https://blogs.jpcert.or.jp/ja/tags/lodeinfo
Details Url 1
https://blog.kaspersky.co.jp/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/30393
Details Url 4
https://blog.trendmicro.co.jp/archives/29842
Details Url 4
https://jsac.jpcert.or.jp/archive/2021/pdf/jsac2021_202_niwa-yanagishita_jp.pdf
Details Url 2
https://jsac.jpcert.or.jp/archive/2022/pdf/jsac2022_9_yanagishita-tamada-nakatsuru-ishimaru_jp.pdf
Details Url 1
https://insight-jp.nttsecurity.com/post/102h7vx/blacktechflagpro
Details Url 2
https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is-still-on/105488
Details Url 1
http://139.162.87.180/index.html
Details Url 1
https://twitter.com/jpcert_ac/status/1515940912173502464
Details Url 4
https://vblocalhost.com/uploads/vb2021-50.pdf
Details Url 4
https://blogs.jpcert.or.jp/ja/2021/09/gh0sttimes.html
Details Url 1
https://www.macnica.co.jp/business/security/manufacturers/files/mpressioncss_ta_report_2019_4.pdf
Details Url 1
https://bluehexagon.ai/threat-advisory-microsoft-exchange-server
Details Url 1
https://45.77.227.248/pfxg.bin
Details Url 4
https://www.seqrite.com/blog/4898-2
Details Url 1
https://exmail.sytes.net/pfxg.bin
Details Url 3
https://www.fbi.gov/wanted/cyber/apt-10-group
Details Url 1
https://attack.mitre.org/versions/v10
Details Url 1
https://docs.microsoft.com/ja-jp/deployoffice/security/internet-macros-blocked
Details Url 5
http://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html
Details Url 1
http://172.104.78.44
Details Url 1
http://108.61.201.135
Details Url 1
http://139.162.112.40
Details Url 1
http://172.105.223.216
Details Url 1
http://45.77.28.124
Details Url 1
https://www.dvdsesso.com
Details Url 1
http://139.162.87.180/robots.txt
Details Url 1
http://org.misecure.com/index.html
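Exports in this "Details <Type> <#Events> / value" layout are usually loaded straight into blocklists or SIEM watchlists, and the listing above shows why that needs a sanity pass first: it contained a 64-character "sha256" that is really two MD5 values concatenated, and a URL with Japanese prose glued to its end. The following Python is an added example written for this page (not code from Macnica, TeamT5, or the platform that produced the export). It parses the layout, rejects malformed or artifact indicators, normalises the rest, and defangs network indicators for sharing. The sample input is constructed from a few lines of this page, including the two artifacts; the function names and rejection rules are the example's own.

```python
"""Parse and sanity-check a flattened CTI attribute listing.

Layout handled (as on this page):
    Details <Type> <#Events>
    <value>
Hypothetical helper for this page; not the CTI platform's own code.
"""
import ipaddress
import re

# Constructed sample: lines copied from the listing above, plus the two
# extraction artifacts (a concatenated-MD5 "sha256" and a URL with trailing
# non-ASCII prose) that a loader must not pass through.
SAMPLE = """\
Details CVE 7
cve-2021-41987
Details Domain 1
update.helps.zyns.com
Details md5 1
8c3df0e4d7ff0578d143785342a8033f
Details md5 1
b6e76ce9f61c2ea14c402f45a76ab118
Details sha256 2
8c3df0e4d7ff0578d143785342a8033fb6e76ce9f61c2ea14c402f45a76ab118
Details sha256 3
f142eecf2defc53a310b3b00ae39ffecc1c345527fdfbfea8ccccd0d69276b41
Details IPv4 1
45.77.227.248
Details MITRE ATT&CK Techniques 70
T1574.001
Details Url 1
https://exmail.sytes.net/pfxg.bin
Details Url 1
https://exmail.sytes.net/pfxg.binをダウンロードし
"""

HEADER = re.compile(r"^Details (?P<type>.+?) (?P<events>\d+)$")
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64}
ATTACK_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")
CVE_ID = re.compile(r"^CVE-\d{4}-\d{4,}$", re.I)
DOMAIN = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$", re.I)
URL = re.compile(r"^https?://[\x21-\x7e]+$")  # printable ASCII only


def parse_listing(text):
    """Return one {'type', 'events', 'value'} dict per header/value pair."""
    lines = [ln.strip() for ln in text.splitlines()]
    records, i = [], 0
    while i < len(lines):
        m = HEADER.match(lines[i])
        if m and i + 1 < len(lines):
            records.append({"type": m.group("type"),
                            "events": int(m.group("events")),
                            "value": lines[i + 1]})
            i += 2
        else:
            i += 1
    return records


def check(record, known_md5=frozenset()):
    """Return a list of problems with one record; an empty list means it looks sane."""
    t, v = record["type"], record["value"]
    kind = t.lower()
    problems = []
    if kind in HEX_LEN:
        if not re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[kind], v, re.I):
            problems.append(f"{t} must be {HEX_LEN[kind]} hex characters")
        elif kind == "sha256" and v[:32].lower() in known_md5 and v[32:].lower() in known_md5:
            # Two 32-char MD5s run together look like a valid SHA-256.
            problems.append("sha256 is two md5 values concatenated (extraction artifact)")
    elif t == "IPv4":
        try:
            ip = ipaddress.IPv4Address(v)
            if ip.is_private or ip.is_loopback or ip.is_reserved or ip.is_multicast:
                problems.append("non-routable address")
        except ValueError:
            problems.append("not an IPv4 address")
    elif t == "Domain" and not DOMAIN.match(v):
        problems.append("not a hostname")
    elif t == "Url" and not URL.match(v):
        problems.append("URL contains non-ASCII or whitespace (extraction residue)")
    elif t == "CVE" and not CVE_ID.match(v):
        problems.append("not a CVE identifier")
    elif t.startswith("MITRE ATT&CK") and not ATTACK_ID.match(v):
        problems.append("not an ATT&CK technique identifier")
    return problems


def defang(value):
    """Neutralise a domain, IP or URL so it is not clickable when shared."""
    return value.replace("http", "hxxp").replace(".", "[.]")


def normalize(record):
    """Canonical form for loading: upper-case CVEs, lower-case hashes, defanged network IOCs."""
    t, v = record["type"], record["value"]
    if t == "CVE":
        return v.upper()
    if t.lower() in HEX_LEN:
        return v.lower()
    if t in ("Domain", "IPv4", "Url"):
        return defang(v)
    return v


def triage(text):
    """Split a listing into (accepted, rejected); accepted = (type, normalized value, events)."""
    records = parse_listing(text)
    md5s = frozenset(r["value"].lower() for r in records if r["type"].lower() == "md5")
    accepted, rejected = [], []
    for r in records:
        problems = check(r, md5s)
        if problems:
            rejected.append((r["value"], problems))
        else:
            accepted.append((r["type"], normalize(r), r["events"]))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = triage(SAMPLE)
    for item in ok:
        print("ACCEPT", *item)
    for value, why in bad:
        print("REJECT", value, "->", "; ".join(why))
```

The concatenated-MD5 check only fires when both halves are independently listed as MD5 values, which is exactly the signature of the artifact on this page; a genuine SHA-256 whose halves happen to match two known MD5s is not a realistic collision. Defanging replaces every dot, including the one in a path such as pfxg.bin, which is the conservative choice for indicators pasted into tickets or chat.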