ハニーポット観察日記としての定期アウトプットです。
観察期間:2019年 03月09日 00:00:00 - 2019年03月15日 23:59:59
CVE
| CVE | 検知した回数 | 前回比 |
|---|---|---|
| CVE-2005-4050 | 49 | -36 |
| CVE-2014-0160 | 12 | -6 |
| CVE-2017-7269 | 12 | +9 |
| CVE-2010-3055 | 12 | -19 |
| CVE-1999-0427 | 12 | +12 |
| CVE-2000-0630 | 12 | +12 |
| CVE-2010-0569 | 8 | +8 |
| CVE-2000-0071 | 6 | +6 |
| CVE-2003-0818 | 5 | +2 |
初観測のCVE
攻撃種別
| 攻撃種別 | カウント数 | % | 前回カウント数 |
|---|---|---|---|
| known attacker | 42138 | 90.25% | 57324 |
| bad reputation | 3392 | 7.26% | 3864 |
| tor exit know | 1082 | 2.32% | - |
| 合計 | 46690 | ||
| 平均(集計2018年11月〜) | 51034.5回 |
マルウェア
Cowrie
Total: 28
| ファイル名 | 取得日時 | タイプ | 検出率 |
|---|---|---|---|
| tmpWbeF7G | 2019/03/08 03:30:00 | ELF 32-bit LSB executable | 40/59 |
| b01ae8eba... | 2019/03/08 06:26:15 | ASCII text | 0/57 |
| 20ceeed36... | 2019/03/08 06:26:15 | ASCII text | 0/55 |
| d660d1120... | 2019/03/08 06:26:15 | ASCII text | 0/39 |
| 8779e030c... | 2019/03/08 06:26:15 | ASCII text | 0/57 |
| 512893f96... | 2019/03/08 06:26:15 | ASCII text | 0/55 |
| 5ab400ec0... | 2019/03/08 06:26:15 | ASCII text | 0/57 |
| f6426a2b8... | 2019/03/08 06:26:15 | ASCII text | 0/58 |
| d1858ce41... | 2019/03/08 06:26:15 | ASCII text | 0/55 |
| b33b30c3c... | 2019/03/08 10:08:11 | Bourne-Again shell script executable (binary data) | 28/57 |
| tmpCS2rix | 2019/03/09 01:52:25 | ELF 32-bit LSB executable | 36/54 |
| 0293300dd... | 2019/03/09 04:33:40 | ASCII text | 0/55 |
| tmp_hpAtg | 2019/03/09 15:11:45 | ELF 32-bit LSB executable | 36/54 |
| tmpvBqumq | 2019/03/10 01:19:03 | ELF 32-bit LSB executable | 36/54 |
| tmpmEhlOf | 2019/03/10 13:28:48 | ELF 32-bit LSB executable | 40/59 |
| tmpjSmU_k | 2019/03/11 14:43:40 | ELF 32-bit LSB executable | 38/55 |
| tmpoPCb0_ | 2019/03/11 19:46:49 | ELF 32-bit LSB executable | 38/55 |
| tmpe1xz0m | 2019/03/12 03:05:35 | ELF 32-bit LSB executable | 38/59 |
| tmpoQ9y3I | 2019/03/12 20:08:50 | ELF 32-bit LSB executable | 38/59 |
| tmp8gv7sj | 2019/03/13 04:01:02 | ELF 32-bit LSB executable | 40/59 |
| tmpGMmT3E | 2019/03/13 19:42:17 | ELF 32-bit LSB executable | 40/59 |
| tmpMYku8e | 2019/03/14 03:29:05 | ELF 32-bit LSB executable | 38/55 |
| tmpQq4cPl | 2019/03/14 19:24:21 | ELF 32-bit LSB executable | 38/55 |
| 9c2848962... | 2019/03/15 02:04:31 | ELF 32-bit LSB executable | 38/57 |
| 5685b086c... | 2019/03/15 02:04:56 | ELF 32-bit LSB executable | 30/56 |
| 86fbdd7df... | 2019/03/15 02:05:22 | ELF 32-bit MSB executable | 30/53 |
| 5c8c41253... | 2019/03/15 02:05:47 | ELF 32-bit LSB executable | 36/57 |
| 0ffa9e646... | 2019/03/15 02:06:12 | ELF 32-bit LSB executable | 35/56 |
Dionaea
Total: 83
| ファイル名 | 取得日時 | タイプ | 検出率 |
|---|---|---|---|
| a19bf4a16... | 2019/03/09 00:31:49 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| b99e6f96a... | 2019/03/09 00:46:02 | PE32 executable (DLL) (GUI) Intel 80386 | 52/62 |
| 01d87121a... | 2019/03/09 01:56:44 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
| ae12bb54a... | 2019/03/09 03:42:20 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| ce494e90f... | 2019/03/09 05:50:42 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| 8d340ce81... | 2019/03/09 08:56:11 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| 6ad5150a7... | 2019/03/09 09:33:04 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| e68e7cec8... | 2019/03/09 09:47:58 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 6633a1960... | 2019/03/09 10:14:00 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| dab719e74... | 2019/03/09 12:00:57 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 9f6f1b47b... | 2019/03/09 13:27:33 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
| 9ecca0844... | 2019/03/09 14:26:26 | PE32 executable (DLL) (GUI) Intel 80386 | 59/70 |
| 2118ffc9a... | 2019/03/09 14:59:01 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| 59b5090fa... | 2019/03/09 15:14:59 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
| 66bf5ed7b... | 2019/03/09 16:06:23 | PE32 executable (DLL) (GUI) Intel 80386 | 52/62 |
| 8ffd85a89... | 2019/03/09 18:10:20 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 25d6d73e9... | 2019/03/10 01:00:21 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
| 95ae8e32e... | 2019/03/10 02:43:08 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
| e8feae1b8... | 2019/03/10 12:10:46 | PE32 executable (DLL) (GUI) Intel 80386 | 49/65 |
| 53fb690bc... | 2019/03/10 18:46:29 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| b8e5a0202... | 2019/03/10 23:38:02 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 2f76b88b4... | 2019/03/11 00:50:44 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| c908bf2a4... | 2019/03/11 01:04:02 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 1f74df8f8... | 2019/03/11 02:01:51 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 85045b516... | 2019/03/11 11:10:43 | PE32 executable (DLL) (GUI) Intel 80386 | 55/68 |
| 59e0d7e76... | 2019/03/11 14:08:15 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
| 53f57c490... | 2019/03/11 14:40:51 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| 9f58205e4... | 2019/03/11 14:41:35 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
| 69535849c... | 2019/03/11 14:47:13 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| e49594ffa... | 2019/03/11 15:16:16 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 978fcc48a... | 2019/03/11 15:51:08 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| 078cc10ec... | 2019/03/11 16:20:40 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| bdcaf7ef3... | 2019/03/11 16:35:28 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| 890d5aa0d... | 2019/03/11 17:22:25 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| 99be653b9... | 2019/03/11 18:38:08 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
| a9aecfb5a... | 2019/03/11 18:47:29 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
| e13c5a2cf... | 2019/03/11 19:09:45 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
| cf4f46336... | 2019/03/11 20:14:05 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| 3c2ee1cb6... | 2019/03/11 23:05:50 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
| 001489e82... | 2019/03/11 23:24:34 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
| 8b08b13d1... | 2019/03/11 23:43:19 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| b8d67ae32... | 2019/03/12 01:10:08 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| 24899e33d... | 2019/03/12 01:29:22 | PE32 executable (DLL) (GUI) Intel 80386 | 52/68 |
| 856e92809... | 2019/03/12 02:35:54 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
| ef894d1c6... | 2019/03/12 02:57:11 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 3c3591eb1... | 2019/03/12 03:10:18 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| 59bef54ef... | 2019/03/12 03:53:41 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
| 33d373e26... | 2019/03/12 04:17:32 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| f361db5db... | 2019/03/12 06:55:27 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| cbd91d483... | 2019/03/12 10:07:38 | PE32 executable (DLL) (GUI) Intel 80386 | 50/65 |
| 1a6a8bac6... | 2019/03/12 11:03:00 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
| 1af7b2c5d... | 2019/03/12 13:36:57 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
| 0064e2641... | 2019/03/12 16:31:15 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
| 95d2d197c... | 2019/03/12 17:44:40 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
| 27b190903... | 2019/03/12 19:04:29 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 8003965bb... | 2019/03/12 19:11:26 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| 1bb736b97... | 2019/03/12 19:54:39 | PE32 executable (DLL) (GUI) Intel 80386 | 53/63 |
| ce223b231... | 2019/03/12 21:18:41 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
| aa718a028... | 2019/03/13 02:36:24 | PE32 executable (DLL) (GUI) Intel 80386 | 56/64 |
| 951806fed... | 2019/03/13 11:19:48 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
| 1a8996bae... | 2019/03/13 13:02:50 | PE32 executable (DLL) (GUI) Intel 80386 | 48/66 |
| ddc2dde72... | 2019/03/13 13:17:31 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
| 5f4c11dd7... | 2019/03/13 14:53:24 | PE32 executable (DLL) (GUI) Intel 80386 | 46/69 |
| 54dd9593f... | 2019/03/13 15:23:37 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| c96b8c08a... | 2019/03/13 15:31:35 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
| 9d5af9499... | 2019/03/13 19:28:55 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
| abfedfc75... | 2019/03/13 21:53:01 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
| b401240ef... | 2019/03/14 00:01:39 | PE32 executable (DLL) (GUI) Intel 80386 | 47/64 |
| e89f26590... | 2019/03/14 00:07:23 | PE32 executable (DLL) (GUI) Intel 80386 | 55/63 |
| 6e72ad805... | 2019/03/14 00:39:29 | PE32 executable (DLL) (GUI) Intel 80386 | 59/66 |
| d3891f56a... | 2019/03/14 04:43:25 | PE32 executable (DLL) (GUI) Intel 80386 | 56/64 |
| bacf38cf7... | 2019/03/14 10:31:14 | PE32 executable (DLL) (GUI) Intel 80386 | 53/65 |
| df2d5298e... | 2019/03/14 12:18:15 | PE32 executable (DLL) (GUI) Intel 80386 | 59/66 |
| 3ddcb6df0... | 2019/03/14 12:26:10 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
| d7fbbdfda... | 2019/03/14 13:21:47 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
| 99b4880d1... | 2019/03/14 14:01:35 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
| c5ff03fe7... | 2019/03/14 17:03:42 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
| a13567725... | 2019/03/14 20:17:25 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 03abf1911... | 2019/03/14 21:38:06 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
| feae26f17... | 2019/03/14 23:33:29 | PE32 executable (DLL) (GUI) Intel 80386 | 53/63 |
| e5551e9a1... | 2019/03/15 00:23:07 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
| 588bc28d3... | 2019/03/15 01:30:32 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
| 6567e6633... | 2019/03/15 02:32:45 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
所感
初観測のCVEを久々に見つけた気がする。
