ハニーポット観察日記としての定期アウトプットです。
観察期間:2019年 02月23日 00:00:00 - 2019年03月01日 23:59:59
CVE
| CVE | 検知した回数 | 前回比 |
|---|---|---|
| CVE-2005-4050 | 63 | +21 |
| CVE-2010-3055 | 31 | +31 |
| CVE-2014-0160 | 12 | -14 |
| CVE-2017-7269 | 7 | +6 |
攻撃種別
| 攻撃種別 | カウント数 | % | 前回カウント数 |
|---|---|---|---|
| known attacker | 63012 | 90.72% | 69310 |
| bad reputation | 6193 | 8.92% | 3422 |
| 合計 | 69458 | ||
| 平均(集計2018年11月〜) | 50641.5回 |
マルウェア
Cowrie
Total: 14
| ファイル名 | 取得日時 | タイプ | 検出率 |
|---|---|---|---|
| b33b30c3c... | 2019/02/23 10:51:08 | Bourne-Again shell script executable (binary data) | 28/57 |
| tmpzWD0w7 | 2019/02/23 14:39:13 | ELF 32-bit LSB executable | 37/59 |
| tmpa9ZYZv | 2019/02/24 02:54:53 | ELF 32-bit LSB executable | 33/52 |
| tmpHWxCwh | 2019/02/24 13:54:48 | ELF 32-bit LSB executable | 33/52 |
| tmpNv_ar2 | 2019/02/24 21:52:50 | ELF 32-bit LSB executable | 33/52 |
| tmpi21dkf | 2019/02/25 01:03:14 | ELF 32-bit LSB executable | 33/52 |
| tmpXFo2Ak | 2019/02/25 14:10:56 | ELF 32-bit LSB executable | 40/56 |
| tmpeB8Pdf | 2019/02/25 20:44:54 | ELF 32-bit LSB executable | 40/56 |
| tmpizsYtL | 2019/02/26 03:29:51 | ELF 32-bit LSB executable | 34/51 |
| tmpXl9f0W | 2019/02/26 14:47:55 | ELF 32-bit LSB executable | 34/51 |
| tmpe4Xzpu | 2019/02/26 20:27:04 | ELF 32-bit LSB executable | 34/51 |
| tmpLwQg_d | 2019/02/27 03:44:30 | ELF 32-bit LSB executable | 33/52 |
| tmpOxCd2U | 2019/02/27 22:54:38 | ELF 32-bit LSB executable | 33/52 |
| tmpf1Jc54 | 2019/02/28 03:29:28 | ELF 32-bit LSB executable | 33/52 |
Dionaea
Total: 81
| ファイル名 | 取得日時 | タイプ | 検出率 |
|---|---|---|---|
| 3980b8e10... | 2019/02/23 02:51:16 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| 48eb7351a... | 2019/02/23 04:58:54 | PE32 executable (DLL) (GUI) Intel 80386 | 51/63 |
| ddc2dde72... | 2019/02/23 05:10:28 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| 89d78e462... | 2019/02/23 08:02:21 | PE32 executable (DLL) (GUI) Intel 80386 | - |
| 603896b96... | 2019/02/23 10:18:57 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| ce223b231... | 2019/02/23 11:44:14 | PE32 executable (DLL) (GUI) Intel 80386 | 61/68 |
| 8961631f1... | 2019/02/23 12:37:28 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| fcb6b0f95... | 2019/02/23 16:59:08 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
| 82b60f47d... | 2019/02/23 18:29:41 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 45735a816... | 2019/02/23 18:45:55 | PE32 executable (DLL) (GUI) Intel 80386 | 55/68 |
| e49594ffa... | 2019/02/23 19:57:27 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| dfac55e67... | 2019/02/23 20:08:06 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
| d58fef514... | 2019/02/23 21:28:48 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
| 2ff4c077f... | 2019/02/23 21:43:53 | PE32 executable (DLL) (GUI) Intel 80386 | 58/70 |
| d245da9a3... | 2019/02/23 23:40:48 | PE32 executable (DLL) (GUI) Intel 80386 | 57/70 |
| 2fc2099f3... | 2019/02/23 23:50:01 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
| 8b7e2b059... | 2019/02/24 01:31:25 | PE32 executable (DLL) (GUI) Intel 80386 | 52/65 |
| e8feae1b8... | 2019/02/24 08:48:57 | PE32 executable (DLL) (GUI) Intel 80386 | 43/61 |
| 64e25bd93... | 2019/02/24 10:23:32 | PE32 executable (DLL) (GUI) Intel 80386 | 54/67 |
| 363d9a90f... | 2019/02/24 11:01:12 | PE32 executable (DLL) (GUI) Intel 80386 | 52/62 |
| 0830d2de6... | 2019/02/24 14:27:21 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 59b5090fa... | 2019/02/24 14:51:17 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 1ecd3e839... | 2019/02/24 18:00:10 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
| 917622dd2... | 2019/02/24 22:06:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| f0e4df1d5... | 2019/02/25 00:00:37 | PE32 executable (DLL) (GUI) Intel 80386 | 51/61 |
| 9b7305c52... | 2019/02/25 01:37:33 | PE32 executable (DLL) (GUI) Intel 80386 | 60/71 |
| 5a9e809ef... | 2019/02/25 05:04:28 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| 6463693e6... | 2019/02/25 05:52:39 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| ed39402aa... | 2019/02/25 05:58:30 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 2f76b88b4... | 2019/02/25 09:46:47 | PE32 executable (DLL) (GUI) Intel 80386 | 52/61 |
| 3ed938168... | 2019/02/25 10:13:56 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 0bcc252b7... | 2019/02/25 12:30:08 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
| aa7d98d15... | 2019/02/25 13:00:36 | PE32 executable (DLL) (GUI) Intel 80386 | 52/63 |
| 414c138ca... | 2019/02/25 14:50:13 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 6e72ad805... | 2019/02/25 16:04:15 | PE32 executable (DLL) (GUI) Intel 80386 | 47/58 |
| 831e8a827... | 2019/02/25 16:05:42 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 582443895... | 2019/02/25 16:30:36 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 01bdc6fb0... | 2019/02/25 16:32:01 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
| 0f2ee8f0e... | 2019/02/25 17:35:56 | PE32 executable (DLL) (GUI) Intel 80386 | 48/65 |
| a7870709f... | 2019/02/25 17:36:45 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 7c7262d9e... | 2019/02/25 18:22:16 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| d8730841f... | 2019/02/25 18:51:21 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
| cab929e1c... | 2019/02/25 22:30:54 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| d73547899... | 2019/02/26 01:23:05 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 6350f8da9... | 2019/02/26 01:59:33 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
| cf4f46336... | 2019/02/26 07:52:41 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
| 2d47fce65... | 2019/02/26 08:56:41 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
| daf7e72c1... | 2019/02/26 13:16:19 | PE32 executable (DLL) (GUI) Intel 80386 | 53/63 |
| 3553aeb71... | 2019/02/26 15:23:44 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
| 8e0650ea0... | 2019/02/26 16:01:35 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 0ab9a60a5... | 2019/02/26 16:26:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 3213836af... | 2019/02/26 18:40:13 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
| cd99e5e4f... | 2019/02/26 18:44:49 | PE32 executable (DLL) (GUI) Intel 80386 | 53/61 |
| 8c3ac09b9... | 2019/02/26 18:46:45 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| b401240ef... | 2019/02/26 19:52:51 | PE32 executable (DLL) (GUI) Intel 80386 | 55/70 |
| 5818d137c... | 2019/02/26 20:33:31 | PE32 executable (DLL) (GUI) Intel 80386 | 51/62 |
| 24899e33d... | 2019/02/26 20:46:56 | PE32 executable (DLL) (GUI) Intel 80386 | 48/69 |
| e6a15cdbf... | 2019/02/26 20:55:33 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 08f7b9282... | 2019/02/26 21:43:23 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| c16edec91... | 2019/02/26 22:23:49 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
| 50b93e08b... | 2019/02/26 23:24:35 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| 54dd9593f... | 2019/02/27 00:49:52 | PE32 executable (DLL) (GUI) Intel 80386 | 53/65 |
| 51dfc5672... | 2019/02/27 01:08:24 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| d31d25eed... | 2019/02/27 02:26:42 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
| 3062df26e... | 2019/02/27 04:01:32 | PE32 executable (DLL) (GUI) Intel 80386 | 46/64 |
| 00c9e54f5... | 2019/02/27 10:07:33 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 44ade454a... | 2019/02/27 11:39:29 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 033f9150e... | 2019/02/27 14:36:31 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
| 2cc3370d2... | 2019/02/27 15:48:02 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| af776d0e7... | 2019/02/27 15:59:13 | PE32 executable (DLL) (GUI) Intel 80386 | 41/65 |
| bdcaf7ef3... | 2019/02/27 17:15:53 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
| 494753ed4... | 2019/02/27 18:01:18 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| ce494e90f... | 2019/02/27 23:36:45 | PE32 executable (DLL) (GUI) Intel 80386 | 51/61 |
| aa718a028... | 2019/02/27 23:48:17 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
| 6746499a8... | 2019/02/28 05:04:18 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
| 733abfcc3... | 2019/02/28 08:44:31 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 4379e5e67... | 2019/02/28 11:44:11 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| 5c83a3b84... | 2019/02/28 11:45:26 | PE32 executable (DLL) (GUI) Intel 80386 | 55/68 |
| e9d1ba0ee... | 2019/02/28 14:46:06 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| ad7134b92... | 2019/02/28 16:05:01 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| da2506e63... | 2019/03/01 00:35:42 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
所感
観察項目を増やしたいのだが、何を増やせばいいのだろうか。 ハニーポットの観察日誌も単純労働になってきたから、そろそろ解析というか、分析らしい分析を行いたい。
