Overview
HermeticWiper targeted Ukraine.
MalwareBazaar Intelligence Data
Hash Samples (First 50)
| SHA256 | MD5 | First Seen | Type | Size |
|---|---|---|---|---|
| a64c3e0522fad787b95b... | ffea1266b09abbf0... | 2022-03-29 | exe | 117.000 |
| 2d29f9ca1d9089ba0399... | 58d71fff346017cf... | 2022-03-12 | dll | 122.632 |
| 3c557727953a8f6b4788... | decc2726599edcae... | 2022-02-28 | exe | 117.000 |
| 06086c1da4590dcc7f1e... | f1a33b2be4c6215a... | 2022-02-25 | exe | 117.032 |
| 2c10b2ec0b995b88c27d... | 382fc1a3c5225fce... | 2022-02-24 | exe | 117.000 |
| 0385eeab00e946a302b2... | 84ba0197920fd3e2... | 2022-02-24 | exe | 117.000 |
| 1bc44eef75779e3ca1ee... | 3f4a16b29f2f0532... | 2022-02-23 | exe | 117.000 |
IOC Summary
- This analysis covers 7 unique HermeticWiper samples.
- A total of 14 hash IOCs were recorded.
- Campaign activity: detected between 2022-02-23 and 2022-03-29.
HermeticWiper — Malware Profile
HermeticWiper, 2022 Ukraine cyberattack. WNetAddConnection2W network drive wiping. Hermetica Digital certificate.
Malware Type
Wiper
Programming Language
C
C2 Protocol
—
Target Systems
Windows
Capabilities & Behavior
Malware Activity
Persistence Mechanism
C2 Communication
Anti-Analysis
IOC List (28 indicators)
IOC — HermeticWiper