ばぁど・うぉっちんぐ (Bird Watching)

A web developer who is strong in security. A migratory bird taking wing in search of freedom and spring.

Bird's Honeypot Watching - 2019/03/30 ~ 2019/04/05 -

This is my regular write-up, kept as a honeypot observation diary.

Observation period: 2019/03/30 00:00:00 - 2019/04/04 23:59:59

CVE

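| CVE | Times detected | Change from previous period |
|---|---|---|
| CVE-2005-0045 | 205 | +205 |
| CVE-2010-3055 | 18 | -4 |
| CVE-2014-0160 | 16 | 0 |
| CVE-2005-4050 | 9 | +8 |
| CVE-2017-7269 | 5 | +2 |
| CVE-2015-1427 | 3 | +1 |
| CVE-2017-5638 | 2 | +2 |
| CVE-2014-3120 | 1 | +1 |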

Unusually, CVE-2005-0045 was detected in large numbers, as many as 205 times. Reference: www.cvedetails.com

Attack types

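| Attack type | Count | % | Previous count |
|---|---|---|---|
| known attacker | 34833 | 90.08% | 55931 |
| bad reputation | 3499 | 8.99% | 4692 |
| Total | 38669 | | |
| Average (tallied since November 2018) | 56575 | | |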

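Data by country

I don't usually summarize this, but this period had a distinctive feature, so I am covering it.

I detected a large number of attacks from Iran.

One week of data by country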

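| Country | Number of attacks | % |
|---|---|---|
| Iran | 29856 | 31.6% |
| France | 22402 | 23.71% |
| United States | 16055 | 16.99% |
| China | 13282 | 14.06% |
| Russia | 5427 | 5.74% |
| Other | - | - |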

The volume of attacks from Iran was high enough to push down the United States and China, which are usually at the top.

Data by country over time

[Figure: attacks by country over time]

You can see that attacks from Iran temporarily became very numerous.

Attack data from Iran

Most of it was detected by Cowrie.

Malware

Cowrie

Total: 27

Dionaea

Total: 115

Thoughts

It was a week in which I detected many attacks from Iran.
