ハニーポット観察日記としての定期アウトプットです。
観察期間:2019年 03月30日 00:00:00 - 2019年04月04日 23:59:59
CVE
CVE | 検知した回数 | 前回比 |
---|---|---|
CVE-2005-0045 | 205 | +205 |
CVE-2010-3055 | 18 | -4 |
CVE-2014-0160 | 16 | 0 |
CVE-2005-4050 | 9 | +8 |
CVE-2017-7269 | 5 | +2 |
CVE-2015-1427 | 3 | +1 |
CVE-2017-5638 | 2 | +2 |
CVE-2014-3120 | 1 | +1 |
珍しくCVE-2005-0045が205も大量の検地が行われました。 www.cvedetails.com
攻撃種別
攻撃種別 | カウント数 | % | 前回カウント数 |
---|---|---|---|
known attacker | 34833 | 90.08% | 55931 |
bad reputation | 3499 | 8.99% | 4692 |
合計 | 38669 | ||
平均(集計2018年11月〜) | 56575回 |
国別データ
普段はあまりまとめていないのですが、今回は特色があったのでまとめます。
イランからの攻撃を大量に検知しました。
一週間の国別のデータ
国名 | 攻撃回数 | % |
---|---|---|
イラン | 29856 | 31.6% |
フランス | 22402 | 23.71% |
アメリカ | 16055 | 16.99% |
中国 | 13282 | 14.06% |
ロシア | 5427 | 5.74% |
その他 | - | - |
いつもなら上位に入っているアメリカ、中国をおさえるかたちでイランからの攻撃量が多かったです。
国別の時間によるデータ
一時的にイランからの攻撃がとても多くなっているのが分かります。
イランからの攻撃データ
Cowrieによる検知が大半でした。
マルウェア
Cowrie
Total: 27
File Name | Date | Type | Detection Rate |
---|---|---|---|
tmprm7iMn | 2019/03/30 03:30:44 | ELF 32-bit LSB executable | 35/54 |
5ab400ec0... | 2019/03/30 03:57:53 | ASCII text | 0/57 |
d1858ce41... | 2019/03/30 03:57:53 | ASCII text | 0/58 |
8779e030c... | 2019/03/30 03:57:53 | ASCII text | 0/57 |
0293300dd... | 2019/03/30 03:57:53 | ASCII text | 0/57 |
20ceeed36... | 2019/03/30 03:57:53 | ASCII text | 0/55 |
f6426a2b8... | 2019/03/30 03:57:53 | ASCII text | 0/58 |
d660d1120... | 2019/03/30 03:57:53 | ASCII text | 0/54 |
512893f96... | 2019/03/30 03:57:53 | ASCII text | 0/55 |
b33b30c3c... | 2019/03/30 04:36:48 | Bourne-Again shell script executable (binary data) | 27/55 |
a52e5c9d3... | 2019/03/30 14:56:04 | OpenSSH RSA public key | 0/57 |
tmpZ35HY4 | 2019/03/30 20:05:44 | ELF 32-bit LSB executable | 35/54 |
20190330-... | 2019/03/31 06:33:10 | empty | 0/59 |
3f6d2a1c4... | 2019/03/31 06:33:10 | Bourne-Again shell script | 11/55 |
13f85ac5f... | 2019/03/31 06:33:11 | ELF 64-bit LSB executable | 16/59 |
b01ae8eba... | 2019/03/31 08:44:14 | ASCII text | 0/56 |
tmpEyc6RI | 2019/03/31 19:55:16 | ELF 32-bit LSB executable | 39/57 |
tmpcMD8UU | 2019/04/01 03:31:20 | ELF 32-bit LSB executable | 35/52 |
tmpzgfgSo | 2019/04/01 20:35:39 | ELF 32-bit LSB executable | 35/52 |
tmpGhMZBP | 2019/04/02 20:21:42 | ELF 32-bit LSB executable | 38/56 |
20190403-... | 2019/04/03 10:13:10 | empty | 0/59 |
tmpDRhlNi | 2019/04/03 13:00:08 | ELF 32-bit LSB executable | 36/55 |
tmpIEYb3I | 2019/04/03 21:11:01 | ELF 32-bit LSB executable | 36/55 |
tmpkUh9CB | 2019/04/04 02:23:27 | ELF 32-bit LSB executable | 37/55 |
tmp8OzrOe | 2019/04/04 14:21:37 | ELF 32-bit LSB executable | 37/55 |
tmpS0NGs8 | 2019/04/04 20:15:22 | ELF 32-bit LSB executable | 37/55 |
tmpytMtWy | 2019/04/05 10:16:01 | ELF 32-bit LSB executable | 38/55 |
Dionaea
Total: 115
File Name | Date | Type | Detection Rate |
---|---|---|---|
996c2b2ca... | 2019/03/30 04:26:56 | PE32 executable (DLL) (GUI) Intel 80386 | 61/71 |
3550fe2f7... | 2019/03/30 04:55:17 | data | 14/56 |
6a139899a... | 2019/03/30 05:29:47 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
8831cfc4b... | 2019/03/30 05:37:03 | PE32 executable (DLL) (GUI) Intel 80386 | 50/70 |
44bc540ed... | 2019/03/30 05:47:45 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
8c81ab1ed... | 2019/03/30 08:30:49 | PE32 executable (DLL) (GUI) Intel 80386 | 53/70 |
cd99e5e4f... | 2019/03/30 08:49:15 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
0f2ee8f0e... | 2019/03/30 10:57:21 | PE32 executable (DLL) (GUI) Intel 80386 | 52/68 |
414a3594e... | 2019/03/30 11:02:12 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
8295334fe... | 2019/03/30 11:02:19 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
db1d89ef8... | 2019/03/30 12:08:18 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
e9e1cc1d3... | 2019/03/30 15:24:34 | PE32 executable (DLL) (GUI) Intel 80386 | 54/69 |
a4d49eaf6... | 2019/03/30 15:29:50 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
ae12bb54a... | 2019/03/30 16:09:23 | PE32 executable (DLL) (GUI) Intel 80386 | 59/71 |
eb189ce6c... | 2019/03/30 16:15:02 | PE32 executable (DLL) (GUI) Intel 80386 | 57/69 |
0ab2aeda9... | 2019/03/30 16:49:12 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
0b1ddeaf4... | 2019/03/30 17:05:16 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
8215323ed... | 2019/03/30 17:51:29 | PE32 executable (DLL) (GUI) Intel 80386 | 60/71 |
ce494e90f... | 2019/03/30 20:36:25 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
219d5bce1... | 2019/03/30 21:48:03 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
ef894d1c6... | 2019/03/31 02:32:28 | PE32 executable (DLL) (GUI) Intel 80386 | 56/64 |
8041b41ab... | 2019/03/31 02:46:23 | PE32 executable (DLL) (GUI) Intel 80386 | 53/63 |
c16edec91... | 2019/03/31 04:20:36 | PE32 executable (DLL) (GUI) Intel 80386 | 57/65 |
e4cc98445... | 2019/03/31 05:42:00 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
af76bbae1... | 2019/03/31 06:26:56 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
c38d168c1... | 2019/03/31 13:17:16 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
3b22590fd... | 2019/03/31 14:35:08 | PE32 executable (DLL) (GUI) Intel 80386 | 61/70 |
337897f57... | 2019/03/31 15:36:00 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
d253b19d8... | 2019/03/31 18:14:30 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
0e3e5e700... | 2019/03/31 19:21:56 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
a55b9addb... | 2019/03/31 20:03:44 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
ce223b231... | 2019/03/31 20:21:26 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
a9ea052fb... | 2019/03/31 21:28:30 | PE32 executable (DLL) (GUI) Intel 80386 | 56/71 |
dbff8fcc3... | 2019/03/31 23:41:39 | PE32 executable (DLL) (GUI) Intel 80386 | 57/65 |
cf4f46336... | 2019/04/01 01:16:32 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
5f4c11dd7... | 2019/04/01 03:05:13 | PE32 executable (DLL) (GUI) Intel 80386 | 46/69 |
3991dae77... | 2019/04/01 04:54:50 | PE32 executable (DLL) (console) Intel 80386 | 23/65 |
235e9af4c... | 2019/04/01 06:04:58 | PE32 executable (DLL) (GUI) Intel 80386 | 49/66 |
78eae7fce... | 2019/04/01 08:33:27 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
33d373e26... | 2019/04/01 09:30:00 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
8fa0e5dd9... | 2019/04/01 09:44:37 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
ed979ce49... | 2019/04/01 10:14:44 | PE32 executable (DLL) (GUI) Intel 80386 | 56/64 |
9ba5379aa... | 2019/04/01 11:16:39 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
1bb736b97... | 2019/04/01 11:42:42 | PE32 executable (DLL) (GUI) Intel 80386 | 60/68 |
5d2755276... | 2019/04/01 12:28:04 | PE32 executable (DLL) (GUI) Intel 80386 | 54/68 |
24ad1977f... | 2019/04/01 12:45:04 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
4a5d4a82c... | 2019/04/01 13:32:07 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
bf7e570fb... | 2019/04/01 13:41:48 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
2f76b88b4... | 2019/04/01 14:12:25 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
00c9e54f5... | 2019/04/01 14:12:57 | PE32 executable (DLL) (GUI) Intel 80386 | 58/66 |
dbc927f7b... | 2019/04/01 16:43:23 | PE32 executable (DLL) (GUI) Intel 80386 | 55/67 |
cab74b35a... | 2019/04/01 16:51:45 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
54dd9593f... | 2019/04/01 17:27:12 | PE32 executable (DLL) (GUI) Intel 80386 | 55/65 |
09d2ecb96... | 2019/04/01 19:02:47 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
aa7d98d15... | 2019/04/01 23:53:27 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
431c1bf6a... | 2019/04/02 02:16:00 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
da4c98715... | 2019/04/02 02:28:52 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
474ecb2fa... | 2019/04/02 02:37:58 | PE32 executable (DLL) (GUI) Intel 80386 | 48/65 |
06d6a33dd... | 2019/04/02 03:12:51 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
5ffdc8b78... | 2019/04/02 03:25:08 | PE32 executable (DLL) (GUI) Intel 80386 | 60/68 |
88574a1df... | 2019/04/02 03:42:10 | PE32 executable (DLL) (GUI) Intel 80386 | 57/67 |
8b88b25cf... | 2019/04/02 05:11:12 | PE32 executable (DLL) (GUI) Intel 80386 | 46/66 |
3062df26e... | 2019/04/02 05:11:53 | PE32 executable (DLL) (GUI) Intel 80386 | 54/69 |
ca9fc4bdb... | 2019/04/02 05:11:59 | PE32 executable (DLL) (GUI) Intel 80386 | 40/68 |
e9c7680e6... | 2019/04/02 11:36:37 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
c5ff03fe7... | 2019/04/02 14:12:39 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
4c58581fa... | 2019/04/02 15:46:31 | PE32 executable (DLL) (GUI) Intel 80386 | 52/67 |
3a7ea4bb6... | 2019/04/02 16:03:21 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
135c4f212... | 2019/04/02 16:15:49 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
d540f05b1... | 2019/04/02 16:16:40 | PE32 executable (DLL) (GUI) Intel 80386 | 60/70 |
e5840a975... | 2019/04/02 16:27:24 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
004a28d1c... | 2019/04/02 17:01:52 | PE32 executable (DLL) (GUI) Intel 80386 | 62/70 |
5375d72f6... | 2019/04/02 18:11:58 | PE32 executable (DLL) (GUI) Intel 80386 | 52/62 |
dea76c8b9... | 2019/04/02 19:43:09 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
494753ed4... | 2019/04/02 20:25:58 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
e12d0c0ba... | 2019/04/03 00:15:03 | PE32 executable (DLL) (GUI) Intel 80386 | 54/64 |
24899e33d... | 2019/04/03 01:28:32 | PE32 executable (DLL) (GUI) Intel 80386 | 53/70 |
7c7262d9e... | 2019/04/03 07:02:34 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
9a1ae1d49... | 2019/04/03 08:17:23 | PE32 executable (DLL) (GUI) Intel 80386 | 60/69 |
9dc9f7073... | 2019/04/03 09:34:37 | PE32 executable (DLL) (GUI) Intel 80386 | 56/66 |
e9d1ba0ee... | 2019/04/03 11:08:20 | PE32 executable (DLL) (GUI) Intel 80386 | 57/66 |
dfac55e67... | 2019/04/03 12:31:44 | PE32 executable (DLL) (GUI) Intel 80386 | 62/70 |
ce62bd4a0... | 2019/04/03 12:52:58 | PE32 executable (DLL) (GUI) Intel 80386 | 54/63 |
840ee6a37... | 2019/04/03 13:00:37 | PE32 executable (DLL) (GUI) Intel 80386 | 54/67 |
59b5090fa... | 2019/04/03 13:34:57 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
c87283a83... | 2019/04/03 13:49:14 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
e7e3fa2e4... | 2019/04/03 14:21:00 | PE32 executable (DLL) (GUI) Intel 80386 | 63/71 |
e13c5a2cf... | 2019/04/03 15:52:14 | PE32 executable (DLL) (GUI) Intel 80386 | 55/66 |
1f3510824... | 2019/04/03 18:01:29 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
a0f7d345b... | 2019/04/03 18:31:14 | PE32 executable (DLL) (GUI) Intel 80386 | 58/67 |
dd9dacbe3... | 2019/04/03 19:15:01 | PE32 executable (DLL) (GUI) Intel 80386 | 55/64 |
2de98404e... | 2019/04/03 22:21:06 | PE32 executable (DLL) (GUI) Intel 80386 | 62/71 |
4891a63c1... | 2019/04/03 23:18:55 | PE32 executable (DLL) (GUI) Intel 80386 | 58/69 |
ce31acf4f... | 2019/04/03 23:46:16 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
90257ddb2... | 2019/04/04 05:08:24 | PE32 executable (DLL) (GUI) Intel 80386 | 56/64 |
01bdc6fb0... | 2019/04/04 08:44:28 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
cbd91d483... | 2019/04/04 11:20:20 | PE32 executable (DLL) (GUI) Intel 80386 | 57/70 |
ffe500010... | 2019/04/04 15:41:36 | PE32 executable (DLL) (GUI) Intel 80386 | 63/71 |
ede5b5290... | 2019/04/04 16:13:18 | PE32 executable (DLL) (GUI) Intel 80386 | 56/67 |
57967b6e7... | 2019/04/04 19:24:40 | PE32 executable (DLL) (GUI) Intel 80386 | 59/67 |
f4467cf9b... | 2019/04/04 21:48:05 | PE32 executable (DLL) (GUI) Intel 80386 | 58/68 |
1a8996bae... | 2019/04/05 00:04:07 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
d7898fd7e... | 2019/04/05 00:24:06 | PE32 executable (DLL) (GUI) Intel 80386 | 57/65 |
d35115a45... | 2019/04/05 01:10:04 | PE32 executable (DLL) (GUI) Intel 80386 | 59/69 |
e9e60daee... | 2019/04/05 03:12:17 | PE32 executable (DLL) (GUI) Intel 80386 | 53/64 |
f63b8c272... | 2019/04/05 04:22:55 | PE32 executable (DLL) (GUI) Intel 80386 | 60/71 |
160b8ceeb... | 2019/04/05 05:35:23 | PE32 executable (DLL) (GUI) Intel 80386 | 57/68 |
fecedeedc... | 2019/04/05 09:19:43 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
d8730841f... | 2019/04/05 10:23:28 | PE32 executable (DLL) (GUI) Intel 80386 | 56/65 |
fdea89006... | 2019/04/05 11:30:37 | PE32 executable (DLL) (GUI) Intel 80386 | 59/68 |
3c3591eb1... | 2019/04/05 13:18:34 | PE32 executable (DLL) (GUI) Intel 80386 | 57/65 |
fcb6b0f95... | 2019/04/05 14:15:52 | PE32 executable (DLL) (GUI) Intel 80386 | 57/65 |
98593450d... | 2019/04/05 17:39:06 | PE32 executable (DLL) (GUI) Intel 80386 | 61/69 |
ac0c78b07... | 2019/04/06 01:28:01 | PE32 executable (DLL) (GUI) Intel 80386 | 56/68 |
a48ca7b40... | 2019/04/06 02:09:34 | PE32 executable (DLL) (GUI) Intel 80386 | 54/65 |
所感
イランからの攻撃を多く検知した一週間でした。