Twitterに書ききれないこと

イベントや技術的なことを記したい・・・

WannaCryに関する各組織の解析レポートまとめ

WannaCryに関する各組織の解析レポートを時系列にまとめた。 WannaCryを解析する際には公開情報を参照すると良い。

日付 組織 タイトル URL
2017/05/12(金) WannaCryの感染キャンペーンが開始
Malwarebytes Labs The worm that spreads WanaCrypt0r https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/
TALOS Player 3 Has Entered the Game: Say Hello to ‘WannaCry’ https://blogs.cisco.com/security/talos/wannacry
Kaspersky WannaCry ransomware used in widespread attacks all over the world https://securelist.com/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/
McAfee An Analysis of the WannaCry Ransomware Outbreak https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/
TrendMicro Massive WannaCry/Wcry Ransomware Attack Hits Various Countries https://blog.trendmicro.com/trendlabs-security-intelligence/massive-wannacrywcry-ransomware-attack-hits-various-countries/
Symantec What you need to know about the WannaCry Ransomware https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware
Microsoft WannaCrypt ransomware worm targets out-of-date systems https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
EMSISOFT Global WannaCry ransomware outbreak uses known NSA exploits http://blog.emsisoft.com/2017/05/12/wcry-ransomware-outbreak/
2017/05/13(土) MalwareTechBlog How to Accidentally Stop a Global Cyber Attacks https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
juniper Rapid Response: The WannaCry Ransomware Outbreak https://forums.juniper.net/t5/Security-Now/Rapid-Response-The-WannaCry-Ransomware-Outbreak/ba-p/307835
TrendMicro 大規模な暗号化型ランサムウェア「WannaCry/Wcry」の攻撃、世界各国で影響 http://blog.trendmicro.co.jp/archives/14873
2017/05/14(日) ENDGAME WCry/WanaCry Ransomware Technical Analysis https://www.endgame.com/blog/technical-blog/wcrywanacry-ransomware-technical-analysis
McAfee Further Analysis of WannaCry Ransomware https://securingtomorrow.mcafee.com/mcafee-labs/analysis-wannacry-ransomware/
2017/05/15(月) McAfee 拡大するWannaCryランサムウェアの分析 http://blogs.mcafee.jp/mcafeeblog/2017/05/wannacry-f851.html
Kaspersky WannaCry FAQ: What you need to know today https://securelist.com/78411/wannacry-faq-what-you-need-to-know-today/
Kaspersky ランサムウェア「WannaCry」:あなたは大丈夫? https://blog.kaspersky.co.jp/wannacry-ransomware/15524/
Symantec WannaCry ランサムウェアについて知っておくべきこと https://www.symantec.com/connect/ja/blogs/wannacry-1
FireEye WannaCry Ransomware Campaign: Threat Details and Risk Management https://www.fireeye.com/blog/products-and-services/2017/05/wannacry-ransomware-campaign.html
Fortinet WannaCry: Evolving History from Beta to 2.0 http://blog.fortinet.com/2017/05/15/wannacry-evolving-history-from-beta-to-2-0
joe security Brief technical Analysis of Wannacry Ransomware Worm v2 https://www.joesecurity.org/blog/8272382563145970396
panda #WannaCryReport http://www.pandasecurity.com/mediacenter/src/uploads/2017/05/WannaCry_Report-en.pdf
Trustwave WannaCry: We Want to Cry https://www.trustwave.com/Resources/SpiderLabs-Blog/WannaCry–We-Want-to-Cry/
2017/05/16(火) BAE Systems WANACRYPT0R RANSOMWORM http://baesystemsai.blogspot.jp/2017/05/wanacrypt0r-ransomworm.html
Cisco Umbrella The Hours of WannaCry https://umbrella.cisco.com/blog/2017/05/16/the-hours-of-wannacry/
FireEye WANNACRY ランサムウェアキャンペーンの 脅威の詳細とリスク対策について https://www.fireeye.jp/company/press-releases/2017/wannacry-ransomware-campaign.html
Symantec Can files locked by WannaCry be decrypted: A technical analysis https://medium.com/threat-intel/wannacry-ransomware-decryption-821c7e3f0a2b|
McAfee ランサムウェアWannaCryに関するさらなる分析 http://blogs.mcafee.jp/mcafeeblog/2017/05/wannacry-651e.html
LogRhythm A Technical Analysis of WannaCry Ransomware https://logrhythm.com/blog/a-technical-analysis-of-wannacry-ransomware/
2017/05/17(水) マクニカネットワークス マルウェア解析奮闘記 WannaCryの解析 http://blog.macnica.net/blog/2017/05/wanacry-8ff1.html
NSFOCUS Analysis Report on the WannaCry Sample http://blog.nsfocus.net/wannacry-sample-analysis-report/
2017/05/18(木) Kaspersky WannaCry:情報まとめ https://blog.kaspersky.co.jp/wannacry-faq-what-you-need-to-know-today/15594/
MBSD 「WannaCry 2.0」の内部構造を紐解く http://www.mbsd.jp/blog/20170518.html
TrendMicro ランサムウェア「WannaCry/Wcry」のワーム活動を解析:侵入/拡散手法に迫る http://blog.trendmicro.co.jp/archives/14920
SecureWorks WCry Ransomware Analysis https://www.secureworks.com/research/wcry-ransomware-analysis
2017/05/19(金) 360totalsecurity WannaCry Ransomware encrypted data recovery: Feasibility and Solution https://blog.360totalsecurity.com/en/wannacry-ransomware-data-recovery/
2017/05/22(月) SecureWorks SecureWorks、WCry ランサムウェア詳細解析レポート http://ja.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2017/05/22/secureworks-wcry
2017/05/23(火) FireEye WannaCry Malware Profile https://www.fireeye.com/blog/threat-research/2017/05/wannacry-malware-profile.html
2017/05/26(金) FireEye SMB Exploited: WannaCry Use of “EternalBlue” https://www.fireeye.com/blog/threat-research/2017/05/smb-exploited-wannacry-use-of-eternalblue.html
2017/05/28(日) FireEye WANNACRY マルウェアのプロファイル https://www.fireeye.jp/company/press-releases/2017/wannacry-ransomware-campaign1.html
2017/06/02(金) TrendMicro MS-17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Drive http://blog.trendmicro.com/trendlabs-security-intelligence/ms17-010-eternalblue/
2017/06/07(水) TrendMicro 「WannaCry」を拡散させた脆弱性攻撃「EternalBlue」の仕組みを解説 http://blog.trendmicro.co.jp/archives/15154