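Access to malicious URLs, receipt of malicious emails
-
Received the email
32 of our customers
Accessed the URL
0 of our customers
-
2022/07/14
※Updated 2022/07/19
Detected receipt of emails, and access to URLs, believed to infect recipients with the malware Emotet; this activity has been occurring since 07/13
Do not open the email or its attachment
■IoC
Attachment file extension: xls
Attachment file hash values: (※1 ※2)
※1 These can be searched for in the mail archive.
※2 All information observed by our company is listed.
List of communication destinations: (※3 ※4)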
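※3 Search the "i-FILTER" access logs to identify the affected endpoints.
※4 Partially altered to prevent unintended access.
■Product coverage status (※5)
▽m-FILTER
・Can be quarantined at spoofing level 2 or higher
・Detected by the attachment spoofing check (attachment macro)
▽i-FILTER (※6)
・Already handled so that it can be blocked with the [脅威情報サイト] (Threat Information Sites) category
・Can be blocked by the download filter
※5 Whether a block occurs depends on each product's settings, so refer to the access logs for the actual result.
※6 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (Use).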