Bird's Honeypot Watching - 2019/02/09 ~ 2019/02/15 -
This is a regular write-up that serves as my honeypot observation diary.
Observation period: 2019/02/09 00:00:00 - 2019/02/15 23:59:59
CVE
| CVE | Detections | Change from previous period |
|---|---|---|
| CVE-2005-4050 | 64 | +48 |
| CVE-2014-0160 | 14 | +2 |
| CVE-2017-5638 | 5 | -4 |
| CVE-1999-0183 | 1 | +1 |
CVE-2014-0160 was detected a large number of times, 64. There really have been a lot lately... I wonder what's going on.
Attack types

| Attack type | Count | % | Previous count |
|---|---|---|---|
| known attacker | 38248 | 91.98% | 69244 |
| bad reputation | 3242 | 4.55% | 3315 |
| Total | 41583 | | |
| Average (since November 2018) | 48424 times | | |
Country data

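The number of attacks is about average, but attacks from China are on the modest side. Instead, attacks from the United States and Canada appear to be increasing.
Hourly data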

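Looking at the hourly data as well, China is far and away in the lead, but its attacks come in waves. I think you can see that attacks from the United States and Canada arrive at a steady rate.
Malware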
Cowrie
Total: 13
| File name | Captured at | Type | Detection rate |
|---|---|---|---|
| tmp02WBJu | 2019/02/09 04:09:11 | ELF 32-bit LSB executable | 40/58 |
| tmpHBRX3n | 2019/02/09 19:57:07 | ELF 32-bit LSB executable | 40/58 |
| 84a9eb140... | 2019/02/09 21:40:12 | ASCII text | - |
| tmpIWZIAF | 2019/02/10 03:33:06 | ELF 32-bit LSB executable | 40/58 |
| b33b30c3c... | 2019/02/10 13:36:29 | Bourne-Again shell script executable (binary data) | 28/57 |
| tmpWY8agZ | 2019/02/10 19:56:00 | ELF 32-bit LSB executable | 39/57 |
| tmpzXq1Rc | 2019/02/11 03:31:29 | ELF 32-bit LSB executable | 40/57 |
| tmpcnKdsM | 2019/02/11 20:37:38 | ELF 32-bit LSB executable | 40/57 |
| tmpwbqTjl | 2019/02/12 03:58:50 | ELF 32-bit LSB executable | 39/58 |
| 365198ed4... | 2019/02/13 13:18:13 | ELF 64-bit LSB executable | 24/57 |
| 75ff6cc38... | 2019/02/13 13:18:14 | ASCII text | 14/58 |
| tmpKCCNo7 | 2019/02/13 21:13:56 | ELF 32-bit LSB executable | 38/57 |
| tmpWkmRcl | 2019/02/14 10:33:54 | ELF 32-bit LSB executable | 38/57 |
Dionaea
Total: 89
| File name | Captured at | Type | Detection rate |
|---|---|---|---|
| 541244c65... | 2019/02/09 00:18:19 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
| 7f97f07ac... | 2019/02/09 00:36:46 | PE32 executable (DLL) (GUI) Intel 80386 | 61/70 |
| b03fdcc63... | 2019/02/09 01:09:01 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| 1a4004812... | 2019/02/09 02:21:05 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
| 62d1b072e... | 2019/02/09 02:56:03 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| b8e73a1f5... | 2019/02/09 04:51:10 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 24899e33d... | 2019/02/09 05:28:01 | PE32 executable (DLL) (GUI) Intel 80386 | 48/69 |
| 235e9af4c... | 2019/02/09 07:02:29 | PE32 executable (DLL) (GUI) Intel 80386 | 50/69 |
| 3b9fa46d8... | 2019/02/09 09:57:45 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 32265c5c9... | 2019/02/09 10:39:19 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 9591bd448... | 2019/02/09 12:35:13 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 2f76b88b4... | 2019/02/09 13:56:32 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| bdcaf7ef3... | 2019/02/09 19:18:14 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 7e6be27b0... | 2019/02/09 20:59:29 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| e423662d2... | 2019/02/09 21:45:55 | PE32 executable (DLL) (GUI) Intel 80386 | 54/66 |
| c1b161c53... | 2019/02/09 23:34:33 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
| 0558bb78a... | 2019/02/09 23:46:28 | PE32 executable (DLL) (GUI) Intel 80386 | 47/62 |
| a48ca7b40... | 2019/02/10 01:00:30 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
| 6e72ad805... | 2019/02/10 01:05:37 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 48eb7351a... | 2019/02/10 06:49:54 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| 8b88b25cf... | 2019/02/10 13:55:46 | PE32 executable (DLL) (GUI) Intel 80386 | 45/69 |
| b330e0ff7... | 2019/02/10 17:07:36 | PE32 executable (DLL) (GUI) Intel 80386 | - |
| 100be08d4... | 2019/02/10 17:59:45 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| dfac55e67... | 2019/02/10 21:14:56 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
| 4845f662f... | 2019/02/10 22:32:29 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
| cd99e5e4f... | 2019/02/11 00:08:48 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
| 0f2ee8f0e... | 2019/02/11 06:03:12 | PE32 executable (DLL) (GUI) Intel 80386 | 53/70 |
| 3aa35ac7d... | 2019/02/11 14:46:45 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| aa718a028... | 2019/02/11 16:57:47 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 07632dde8... | 2019/02/11 17:16:38 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
| 46f02af73... | 2019/02/11 17:37:49 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 5f4c11dd7... | 2019/02/11 20:06:55 | PE32 executable (DLL) (GUI) Intel 80386 | 47/70 |
| a4d49eaf6... | 2019/02/11 20:09:36 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| a9097ff46... | 2019/02/11 20:22:39 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 135c4f212... | 2019/02/11 21:06:56 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| 9a9df5a62... | 2019/02/12 00:42:20 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
| b8ed70b80... | 2019/02/12 01:00:50 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 6788f15f8... | 2019/02/12 02:03:38 | PE32 executable (DLL) (GUI) Intel 80386 | 61/70 |
| 4ac258937... | 2019/02/12 02:54:14 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| b2115b413... | 2019/02/12 07:11:18 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| 64416e602... | 2019/02/12 07:17:25 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| aa7d98d15... | 2019/02/12 09:17:43 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| 6633a1960... | 2019/02/12 09:25:32 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 68d5ce5a7... | 2019/02/12 10:19:27 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| 95ae8e32e... | 2019/02/12 12:15:31 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 51f2a5be1... | 2019/02/12 12:58:28 | PE32 executable (DLL) (GUI) Intel 80386 | 55/69 |
| dbff8fcc3... | 2019/02/12 13:11:19 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 95b09bec9... | 2019/02/12 13:59:07 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
| da5eee93a... | 2019/02/12 14:28:34 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| af76bbae1... | 2019/02/12 18:29:46 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 8777f97e5... | 2019/02/12 21:33:47 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
| 03c088c14... | 2019/02/12 21:55:33 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 135b1a4f3... | 2019/02/13 00:25:53 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
| fecedeedc... | 2019/02/13 01:01:45 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| bb89c6a75... | 2019/02/13 03:11:08 | PE32 executable (DLL) (GUI) Intel 80386 | 50/66 |
| 095d83ee1... | 2019/02/13 04:04:32 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 33d373e26... | 2019/02/13 05:19:40 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| bcbcbed38... | 2019/02/13 05:29:14 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| a81e9f930... | 2019/02/13 07:16:10 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 0e3e5e700... | 2019/02/13 10:56:44 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| b794a273d... | 2019/02/13 11:31:30 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 3a7ea4bb6... | 2019/02/13 12:06:12 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 4fbfa7542... | 2019/02/13 13:57:04 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
| 06d3c24fd... | 2019/02/13 14:03:50 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
| a34d8bd74... | 2019/02/13 14:11:12 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 1023e2f78... | 2019/02/13 15:22:40 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| 4570af5ad... | 2019/02/13 16:25:33 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| fe4e11212... | 2019/02/13 16:42:23 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 2de98404e... | 2019/02/13 17:20:36 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| cf4f46336... | 2019/02/13 17:42:10 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 8c18d77a7... | 2019/02/13 17:55:28 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
| 5297a5b12... | 2019/02/13 18:55:52 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
| d88af4a1a... | 2019/02/13 19:24:48 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 54dd9593f... | 2019/02/13 23:48:08 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| 6350f8da9... | 2019/02/14 01:55:31 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| ef894d1c6... | 2019/02/14 01:55:35 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 5ed9fb8f2... | 2019/02/14 02:16:52 | PE32 executable (DLL) (GUI) Intel 80386 | 60/71 |
| 4d66125fb... | 2019/02/14 02:25:08 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| e6005c6ca... | 2019/02/14 07:13:38 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 8ffe05214... | 2019/02/14 08:11:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| e12d0c0ba... | 2019/02/14 09:39:05 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 364e2fe94... | 2019/02/14 09:46:21 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| 0b1d61164... | 2019/02/14 10:28:25 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| a3ae1be39... | 2019/02/14 16:14:20 | PE32 executable (DLL) (GUI) Intel 80386 | 48/64 |
| 05a57c133... | 2019/02/14 16:21:04 | PE32 executable (DLL) (GUI) Intel 80386 | 54/66 |
| e13c5a2cf... | 2019/02/14 18:23:36 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 3ce7baba1... | 2019/02/14 20:56:06 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
| 9a1ae1d49... | 2019/02/14 22:07:09 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| e80648d21... | 2019/02/14 22:23:47 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
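Thoughts
This may be the first time the United States and Canada have made it into the top 3. I've never been anywhere outside Asia, so I'd like to visit Canada (a thought that has nothing to do with today's analysis results).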