Overview

HermeticWiper targeted Ukraine.

MalwareBazaar Intelligence Data

Hash Samples (First 50)

SHA256 MD5 First Seen Type Size
a64c3e0522fad787b95b... ffea1266b09abbf0... 2022-03-29 exe 117.000
2d29f9ca1d9089ba0399... 58d71fff346017cf... 2022-03-12 dll 122.632
3c557727953a8f6b4788... decc2726599edcae... 2022-02-28 exe 117.000
06086c1da4590dcc7f1e... f1a33b2be4c6215a... 2022-02-25 exe 117.032
2c10b2ec0b995b88c27d... 382fc1a3c5225fce... 2022-02-24 exe 117.000
0385eeab00e946a302b2... 84ba0197920fd3e2... 2022-02-24 exe 117.000
1bc44eef75779e3ca1ee... 3f4a16b29f2f0532... 2022-02-23 exe 117.000

IOC Summary

  • This analysis covers 7 unique HermeticWiper samples.
  • A total of 14 hash IOCs were recorded.
  • Campaign activity: detected between 2022-02-23 and 2022-03-29.

HermeticWiper — Malware Profile

HermeticWiper, Ukraine 2022 cyber attack. WNetAddConnection2W network drive wiping. Hermetica Digital certificate.

Malware Type: Wiper
Programming Language: C
C2 Protocol:
Target Systems: Windows

Capabilities & Behavior

Malware Activity
Persistence Mechanism
C2 Communication
Anti-Analysis

IOC List (28 indicators)

IOC — HermeticWiper