Analysis Report: Targeted Attacks Using Taidoor
Common Information
Type Value
UUID 5c38f260-11b5-4183-948b-67ad5e7c0a45
Fingerprint 4fccfd01cd0942f6b81bea206a38aaa2a9f9fbe7fde850e74830f9740345045f
Analysis status DONE
Considered CTI value 1
Text language
Published March 6, 2019, 10:05 a.m.
Added to db March 11, 2024, 7:53 p.m.
Last updated Aug. 31, 2024, 4:02 a.m.
Headline Analysis Report: Targeted Attacks Using Taidoor
Title Analysis Report: Targeted Attacks Using Taidoor
Detected Hints/Tags/Attributes 31/1/25
Attributes
Details Type #Events CTI Value
Details Domain 184
www.fireeye.com
Details Domain 18
blog.trendmicro.co.jp
Details Domain 1
www.trendmicro.co.kr
Details Domain 604
www.trendmicro.com
Details File 1
当社の需要について.doc
Details File 2
load.txt
Details File 1018
rundll32.exe
Details File 22
start.vbs
Details File 2
igfxper.dll
Details File 2
evasive-tactics-taidoor-3.html
Details File 7
wp_the_taidoor_campaign.pdf
Details File 1
について.doc
Details sha1 1
7ed26fdb2b6a41f3ce0b8e270c93de6c9b6f7c3a
Details IPv4 1
35.200.168.117
Details IPv4 1
47.52.90.176
Details IPv4 1
119.28.232.60
Details Url 4
https://www.fireeye.com/blog
Details Url 2
https://blog.trendmicro.co.jp/archives/16893
Details Url 1
https://www.trendmicro.co.kr/cloud-content/us/pdfs
Details Url 1
https://www.trendmicro.com/vinfo/jp/threat-enc
Details Windows Registry Key 3
HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID
Details Windows Registry Key 3
HKEY_CURRENT_USER\SOFTWARE\Classes
Details Windows Registry Key 1
HKEY_CURRENT_USER\SOFTWARE\Classes\Folder\shellex\ContextMen
Details Windows Registry Key 1
HKEY_CURRENT_USER\SOFTWARE\Classes\Folder\shellex\DragDropH
Details Windows Registry Key 1
HKEY_CURRENT_USER\SOFTWARE\Classes\Folder\shellex\PropertySh