ハニーポット観察日記としての定期アウトプットです。
観察期間:2019年 02月23日 00:00:00 - 2019年03月01日 23:59:59
CVE
CVE | 検知した回数 | 前回比 |
---|---|---|
CVE-2005-4050 | 63 | +21 |
CVE-2010-3055 | 31 | +31 |
CVE-2014-0160 | 12 | -14 |
CVE-2017-7269 | 7 | +6 |
攻撃種別
攻撃種別 | カウント数 | % | 前回カウント数 |
---|---|---|---|
known attacker | 63012 | 90.72% | 69310 |
bad reputation | 6193 | 8.92% | 3422 |
合計 | 69458 | ||
平均(集計2018年11月〜) | 50641.5回 |
マルウェア
Cowrie
Total: 14
ファイル名 | 取得日時 | タイプ | 検出率 |
---|---|---|---|
b33b30c3c... | 2019/02/23 10:51:08 | Bourne-Again shell script executable (binary data) | 28/57 |
tmpzWD0w7 | 2019/02/23 14:39:13 | ELF 32-bit LSB executable | 37/59 |
tmpa9ZYZv | 2019/02/24 02:54:53 | ELF 32-bit LSB executable | 33/52 |
tmpHWxCwh | 2019/02/24 13:54:48 | ELF 32-bit LSB executable | 33/52 |
tmpNv_ar2 | 2019/02/24 21:52:50 | ELF 32-bit LSB executable | 33/52 |
tmpi21dkf | 2019/02/25 01:03:14 | ELF 32-bit LSB executable | 33/52 |
tmpXFo2Ak | 2019/02/25 14:10:56 | ELF 32-bit LSB executable | 40/56 |
tmpeB8Pdf | 2019/02/25 20:44:54 | ELF 32-bit LSB executable | 40/56 |
tmpizsYtL | 2019/02/26 03:29:51 | ELF 32-bit LSB executable | 34/51 |
tmpXl9f0W | 2019/02/26 14:47:55 | ELF 32-bit LSB executable | 34/51 |
tmpe4Xzpu | 2019/02/26 20:27:04 | ELF 32-bit LSB executable | 34/51 |
tmpLwQg_d | 2019/02/27 03:44:30 | ELF 32-bit LSB executable | 33/52 |
tmpOxCd2U | 2019/02/27 22:54:38 | ELF 32-bit LSB executable | 33/52 |
tmpf1Jc54 | 2019/02/28 03:29:28 | ELF 32-bit LSB executable | 33/52 |
Dionaea
Total: 81
ファイル名 | 取得日時 | タイプ | 検出率 |
---|---|---|---|
3980b8e10... | 2019/02/23 02:51:16 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
48eb7351a... | 2019/02/23 04:58:54 | PE32 executable (DLL) (GUI) Intel 80386 | 51/63 |
ddc2dde72... | 2019/02/23 05:10:28 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
89d78e462... | 2019/02/23 08:02:21 | PE32 executable (DLL) (GUI) Intel 80386 | - |
603896b96... | 2019/02/23 10:18:57 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
ce223b231... | 2019/02/23 11:44:14 | PE32 executable (DLL) (GUI) Intel 80386 | 61/68 |
8961631f1... | 2019/02/23 12:37:28 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
fcb6b0f95... | 2019/02/23 16:59:08 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
82b60f47d... | 2019/02/23 18:29:41 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
45735a816... | 2019/02/23 18:45:55 | PE32 executable (DLL) (GUI) Intel 80386 | 55/68 |
e49594ffa... | 2019/02/23 19:57:27 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
dfac55e67... | 2019/02/23 20:08:06 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
d58fef514... | 2019/02/23 21:28:48 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
2ff4c077f... | 2019/02/23 21:43:53 | PE32 executable (DLL) (GUI) Intel 80386 | 58/70 |
d245da9a3... | 2019/02/23 23:40:48 | PE32 executable (DLL) (GUI) Intel 80386 | 57/70 |
2fc2099f3... | 2019/02/23 23:50:01 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
8b7e2b059... | 2019/02/24 01:31:25 | PE32 executable (DLL) (GUI) Intel 80386 | 52/65 |
e8feae1b8... | 2019/02/24 08:48:57 | PE32 executable (DLL) (GUI) Intel 80386 | 43/61 |
64e25bd93... | 2019/02/24 10:23:32 | PE32 executable (DLL) (GUI) Intel 80386 | 54/67 |
363d9a90f... | 2019/02/24 11:01:12 | PE32 executable (DLL) (GUI) Intel 80386 | 52/62 |
0830d2de6... | 2019/02/24 14:27:21 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
59b5090fa... | 2019/02/24 14:51:17 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
1ecd3e839... | 2019/02/24 18:00:10 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
917622dd2... | 2019/02/24 22:06:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
f0e4df1d5... | 2019/02/25 00:00:37 | PE32 executable (DLL) (GUI) Intel 80386 | 51/61 |
9b7305c52... | 2019/02/25 01:37:33 | PE32 executable (DLL) (GUI) Intel 80386 | 60/71 |
5a9e809ef... | 2019/02/25 05:04:28 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
6463693e6... | 2019/02/25 05:52:39 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
ed39402aa... | 2019/02/25 05:58:30 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
2f76b88b4... | 2019/02/25 09:46:47 | PE32 executable (DLL) (GUI) Intel 80386 | 52/61 |
3ed938168... | 2019/02/25 10:13:56 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
0bcc252b7... | 2019/02/25 12:30:08 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
aa7d98d15... | 2019/02/25 13:00:36 | PE32 executable (DLL) (GUI) Intel 80386 | 52/63 |
414c138ca... | 2019/02/25 14:50:13 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
6e72ad805... | 2019/02/25 16:04:15 | PE32 executable (DLL) (GUI) Intel 80386 | 47/58 |
831e8a827... | 2019/02/25 16:05:42 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
582443895... | 2019/02/25 16:30:36 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
01bdc6fb0... | 2019/02/25 16:32:01 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
0f2ee8f0e... | 2019/02/25 17:35:56 | PE32 executable (DLL) (GUI) Intel 80386 | 48/65 |
a7870709f... | 2019/02/25 17:36:45 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
7c7262d9e... | 2019/02/25 18:22:16 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
d8730841f... | 2019/02/25 18:51:21 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
cab929e1c... | 2019/02/25 22:30:54 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
d73547899... | 2019/02/26 01:23:05 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
6350f8da9... | 2019/02/26 01:59:33 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
cf4f46336... | 2019/02/26 07:52:41 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
2d47fce65... | 2019/02/26 08:56:41 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
daf7e72c1... | 2019/02/26 13:16:19 | PE32 executable (DLL) (GUI) Intel 80386 | 53/63 |
3553aeb71... | 2019/02/26 15:23:44 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
8e0650ea0... | 2019/02/26 16:01:35 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
0ab9a60a5... | 2019/02/26 16:26:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
3213836af... | 2019/02/26 18:40:13 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
cd99e5e4f... | 2019/02/26 18:44:49 | PE32 executable (DLL) (GUI) Intel 80386 | 53/61 |
8c3ac09b9... | 2019/02/26 18:46:45 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
b401240ef... | 2019/02/26 19:52:51 | PE32 executable (DLL) (GUI) Intel 80386 | 55/70 |
5818d137c... | 2019/02/26 20:33:31 | PE32 executable (DLL) (GUI) Intel 80386 | 51/62 |
24899e33d... | 2019/02/26 20:46:56 | PE32 executable (DLL) (GUI) Intel 80386 | 48/69 |
e6a15cdbf... | 2019/02/26 20:55:33 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
08f7b9282... | 2019/02/26 21:43:23 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
c16edec91... | 2019/02/26 22:23:49 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
50b93e08b... | 2019/02/26 23:24:35 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
54dd9593f... | 2019/02/27 00:49:52 | PE32 executable (DLL) (GUI) Intel 80386 | 53/65 |
51dfc5672... | 2019/02/27 01:08:24 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
d31d25eed... | 2019/02/27 02:26:42 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
3062df26e... | 2019/02/27 04:01:32 | PE32 executable (DLL) (GUI) Intel 80386 | 46/64 |
00c9e54f5... | 2019/02/27 10:07:33 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
44ade454a... | 2019/02/27 11:39:29 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
033f9150e... | 2019/02/27 14:36:31 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
2cc3370d2... | 2019/02/27 15:48:02 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
af776d0e7... | 2019/02/27 15:59:13 | PE32 executable (DLL) (GUI) Intel 80386 | 41/65 |
bdcaf7ef3... | 2019/02/27 17:15:53 | PE32 executable (DLL) (GUI) Intel 80386 | 54/62 |
494753ed4... | 2019/02/27 18:01:18 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
ce494e90f... | 2019/02/27 23:36:45 | PE32 executable (DLL) (GUI) Intel 80386 | 51/61 |
aa718a028... | 2019/02/27 23:48:17 | PE32 executable (DLL) (GUI) Intel 80386 | 53/62 |
6746499a8... | 2019/02/28 05:04:18 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
733abfcc3... | 2019/02/28 08:44:31 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
4379e5e67... | 2019/02/28 11:44:11 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
5c83a3b84... | 2019/02/28 11:45:26 | PE32 executable (DLL) (GUI) Intel 80386 | 55/68 |
e9d1ba0ee... | 2019/02/28 14:46:06 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
ad7134b92... | 2019/02/28 16:05:01 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
da2506e63... | 2019/03/01 00:35:42 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
所感
観察項目を増やしたいのだが、何を増やせばいいのだろうか。 ハニーポットの観察日誌も単純労働になってきたから、そろそろ解析というか、分析らしい分析を行いたい。