NuGet¤«¤éÉÔ¿³¤Ê¥Ñ¥Ã¥±¡¼¥¸¡¢ÃÇÄê¤Ç¤¤º»º¶È¥¹¥Ñ¥¤¥Ä¡¼¥ë¤Î²ÄǽÀ
ReversingLabs¤Ï3·î26Æü(Êƹñ»þ´Ö)¡¢¡ÖSuspicious NuGet package grabs data from industrial systems¡×¤Ë¤ª¤¤¤Æ¡¢Microsoft¤¬Ä󶡤·¤Æ¤¤¤ë.NET Framework¤Î¥Ñ¥Ã¥±¡¼¥¸´ÉÍý¥·¥¹¥Æ¥à¡ÖNuGet¡×¤«¤éÉÔ¿³¤Ê¥Ñ¥Ã¥±¡¼¥¸¡ÖSqzrFramework480¡×¤òȯ¸«¤·¤¿¤È¤·¤Æ¡¢¤½¤Î¾ÜºÙ¤òÅÁ¤¨¤¿¡£¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤ÏÃæ¹ñ¤ÎBOZHON Precision Industry Technology¤Îµ»½Ñ¤òÍøÍѤ¹¤ë³«È¯¼Ô¤òɸŪ¤Ë¤·¤Æ¤¤¤ë¤È¤ß¤é¤ì¤Æ¤¤¤ë¡£
¡ûÉÔ¿³¤Ê¥Ñ¥Ã¥±¡¼¥¸¡ÖSqzrFramework480¡×¤ÎÀµÂÎ
ReversingLabs¤ÎÄ´ºº¤Ë¤è¤ë¤È¡¢¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Ë¤ÏÉÔ¿³¤Ê¥Ð¥¤¥Ê¥ê¥Õ¥¡¥¤¥ë¤È¤·¤Æ¡ÖSqzrFramework480.dll¡×¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¡£¤³¤Î¥À¥¤¥Ê¥ß¥Ã¥¯¥ê¥ó¥¯¥é¥¤¥Ö¥é¥ê(DLL: Dynamic Link Library)¤Ë¤ÏÀµ¾ï¤Êµ¡Ç½¤È¤·¤ÆGUI¤Î´ÉÍý¤ª¤è¤ÓºîÀ®¡¢¥Þ¥·¥ó¥Ó¥¸¥ç¥ó¥é¥¤¥Ö¥é¥ê¤Î½é´ü²½¤ª¤è¤ÓÀßÄê¡¢¥í¥Ü¥Ã¥È¤ÎÆ°ºîÀßÄê¤Ê¤É¤Îµ¡Ç½¤ò»ý¤Ä¤È¤µ¤ì¤ë¡£
ReversingLabs¤Ï¤³¤ì¤éÀµµ¬¤Îµ¡Ç½¤Î¤Û¤«¡¢¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤Î¼èÆÀ¡¢ping¥Ñ¥±¥Ã¥È¤ÎÁ÷¿®¡¢ÄÌ¿®µ¡Ç½¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¤È¤·¤Æ¾Ü¤·¤¯Ê¬ÀϤ·¤Æ¤¤¤ë¡£¤½¤Î·ë²Ì¡¢¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ë¤Ï¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤ò¼èÆÀ¤·¤Æ¤½¤Î²èÁü¥Ç¡¼¥¿¤ò¥ê¥â¡¼¥È¥µ¡¼¥Ð¤Ë1ʬ¤´¤È¤ËÁ÷¿®¤ò³¤±¤ëµ¡Ç½¤¬¤¢¤ë¤È¤µ¤ì¤ë¡£¤·¤«¤·¤Ê¤¬¤é¡¢¤³¤Îµ¡Ç½¤Ï¥é¥¤¥Ö¥é¥ê¤Î¥í¡¼¥É»þ¤Ë¤Ï¼«Æ°Åª¤Ë¼Â¹Ô¤µ¤ì¤º¡¢¥é¥¤¥Ö¥é¥ê¤ò»ÈÍѤ¹¤ë³«È¯¼Ô¤¬Init´Ø¿ô¤ò¸Æ¤Ó½Ð¤¹¤³¤È¤ÇÆ°ºî¤¹¤ë¤È¤¤¤¦¡£
¡û±Æ¶Á¤ÈÂкö
¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ï¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤Î¼èÆÀ¤ËÆò½¤·¤Æ¤ª¤ê¡¢´Êñ¤ÊÆñÆɲ½½èÍý¤ò»Ü¤µ¤ì¤Æ¤¤¤ë¤³¤È¤«¤é»º¶È¥¹¥Ñ¥¤¥Ä¡¼¥ë¤È¤·¤ÆÇÛÉÛ¤µ¤ì¤¿²ÄǽÀ¤¬¤¢¤ë¡£¤·¤«¤·¤Ê¤¬¤é¡¢¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ë¤ÏBOZHON¤ÎÀ½ÉÊ»ÅÍͤòÃΤäƤ¤¤ë³«È¯¼Ô¤Î¤ß¤¬³«È¯¤Ç¤¤ëÀµµ¬¤Îµ¡Ç½¤¬¼ÂÁõ¤µ¤ì¤Æ¤ª¤ê¡¢BOZHON¤Î½¾¶È°÷¤Þ¤¿¤Ï¤½¤Î´ØÏ¢²ñ¼Ò¤«¤éή½Ð¤·¤¿¥Ä¡¼¥ë¤Î²ÄǽÀ¤â¤¢¤ë¤È»ØŦ¤µ¤ì¤Æ¤¤¤ë¡£¤½¤Î¤¿¤á¡¢ReversingLabs¤Ï¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤¬°°Õ¤Î¤¢¤ë¤â¤Î¤Ê¤Î¤«ÃÇÄê¤Ç¤¤Ê¤¤¤È¤·¤Æ¤¤¤ë¡£
¤¤¤º¤ì¤Ë¤·¤Æ¤â¡¢¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Î»ÈÍѤϥꥹ¥¯¤òȼ¤¦¤¿¤á¡¢³«È¯¼Ô¤Ï¥¤¥ó¥¹¥È¡¼¥ë¤·¤Ê¤¤¤³¤È¤¬¿ä¾©¤µ¤ì¤ë¡£¤Þ¤¿¡¢Æ±Íͤι¶·â¤ò²óÈò¤¹¤ë¤¿¤á¡¢¥ª¡¼¥×¥ó¥ê¥Ý¥¸¥È¥ê¤«¤éÇÛÉÛ¤µ¤ì¤ë¥é¥¤¥Ö¥é¥ê¤ò»ÈÍѤ¹¤ë¾ì¹ç¤Ï¡¢¥Ñ¥Ã¥±¡¼¥¸¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ëÁ°¤ËÇÛÉۼԤο®ÍêÀ¤ò¸¡¾Ú¤·¡¢¥Ñ¥Ã¥±¡¼¥¸¤ÎÃæ¿È¤òÄ´ºº¡¢Ê¬ÀϤ·¤Æ¤«¤é³èÍѤ¹¤ë¤³¤È¤¬Ë¾¤Þ¤ì¤Æ¤¤¤ë¡£
¡ûÉÔ¿³¤Ê¥Ñ¥Ã¥±¡¼¥¸¡ÖSqzrFramework480¡×¤ÎÀµÂÎ
ReversingLabs¤ÎÄ´ºº¤Ë¤è¤ë¤È¡¢¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Ë¤ÏÉÔ¿³¤Ê¥Ð¥¤¥Ê¥ê¥Õ¥¡¥¤¥ë¤È¤·¤Æ¡ÖSqzrFramework480.dll¡×¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¡£¤³¤Î¥À¥¤¥Ê¥ß¥Ã¥¯¥ê¥ó¥¯¥é¥¤¥Ö¥é¥ê(DLL: Dynamic Link Library)¤Ë¤ÏÀµ¾ï¤Êµ¡Ç½¤È¤·¤ÆGUI¤Î´ÉÍý¤ª¤è¤ÓºîÀ®¡¢¥Þ¥·¥ó¥Ó¥¸¥ç¥ó¥é¥¤¥Ö¥é¥ê¤Î½é´ü²½¤ª¤è¤ÓÀßÄê¡¢¥í¥Ü¥Ã¥È¤ÎÆ°ºîÀßÄê¤Ê¤É¤Îµ¡Ç½¤ò»ý¤Ä¤È¤µ¤ì¤ë¡£
ReversingLabs¤Ï¤³¤ì¤éÀµµ¬¤Îµ¡Ç½¤Î¤Û¤«¡¢¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤Î¼èÆÀ¡¢ping¥Ñ¥±¥Ã¥È¤ÎÁ÷¿®¡¢ÄÌ¿®µ¡Ç½¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¤È¤·¤Æ¾Ü¤·¤¯Ê¬ÀϤ·¤Æ¤¤¤ë¡£¤½¤Î·ë²Ì¡¢¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ë¤Ï¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤ò¼èÆÀ¤·¤Æ¤½¤Î²èÁü¥Ç¡¼¥¿¤ò¥ê¥â¡¼¥È¥µ¡¼¥Ð¤Ë1ʬ¤´¤È¤ËÁ÷¿®¤ò³¤±¤ëµ¡Ç½¤¬¤¢¤ë¤È¤µ¤ì¤ë¡£¤·¤«¤·¤Ê¤¬¤é¡¢¤³¤Îµ¡Ç½¤Ï¥é¥¤¥Ö¥é¥ê¤Î¥í¡¼¥É»þ¤Ë¤Ï¼«Æ°Åª¤Ë¼Â¹Ô¤µ¤ì¤º¡¢¥é¥¤¥Ö¥é¥ê¤ò»ÈÍѤ¹¤ë³«È¯¼Ô¤¬Init´Ø¿ô¤ò¸Æ¤Ó½Ð¤¹¤³¤È¤ÇÆ°ºî¤¹¤ë¤È¤¤¤¦¡£
¡û±Æ¶Á¤ÈÂкö
¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ï¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¤Î¼èÆÀ¤ËÆò½¤·¤Æ¤ª¤ê¡¢´Êñ¤ÊÆñÆɲ½½èÍý¤ò»Ü¤µ¤ì¤Æ¤¤¤ë¤³¤È¤«¤é»º¶È¥¹¥Ñ¥¤¥Ä¡¼¥ë¤È¤·¤ÆÇÛÉÛ¤µ¤ì¤¿²ÄǽÀ¤¬¤¢¤ë¡£¤·¤«¤·¤Ê¤¬¤é¡¢¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ë¤ÏBOZHON¤ÎÀ½ÉÊ»ÅÍͤòÃΤäƤ¤¤ë³«È¯¼Ô¤Î¤ß¤¬³«È¯¤Ç¤¤ëÀµµ¬¤Îµ¡Ç½¤¬¼ÂÁõ¤µ¤ì¤Æ¤ª¤ê¡¢BOZHON¤Î½¾¶È°÷¤Þ¤¿¤Ï¤½¤Î´ØÏ¢²ñ¼Ò¤«¤éή½Ð¤·¤¿¥Ä¡¼¥ë¤Î²ÄǽÀ¤â¤¢¤ë¤È»ØŦ¤µ¤ì¤Æ¤¤¤ë¡£¤½¤Î¤¿¤á¡¢ReversingLabs¤Ï¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤¬°°Õ¤Î¤¢¤ë¤â¤Î¤Ê¤Î¤«ÃÇÄê¤Ç¤¤Ê¤¤¤È¤·¤Æ¤¤¤ë¡£
¤¤¤º¤ì¤Ë¤·¤Æ¤â¡¢¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Î»ÈÍѤϥꥹ¥¯¤òȼ¤¦¤¿¤á¡¢³«È¯¼Ô¤Ï¥¤¥ó¥¹¥È¡¼¥ë¤·¤Ê¤¤¤³¤È¤¬¿ä¾©¤µ¤ì¤ë¡£¤Þ¤¿¡¢Æ±Íͤι¶·â¤ò²óÈò¤¹¤ë¤¿¤á¡¢¥ª¡¼¥×¥ó¥ê¥Ý¥¸¥È¥ê¤«¤éÇÛÉÛ¤µ¤ì¤ë¥é¥¤¥Ö¥é¥ê¤ò»ÈÍѤ¹¤ë¾ì¹ç¤Ï¡¢¥Ñ¥Ã¥±¡¼¥¸¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ëÁ°¤ËÇÛÉۼԤο®ÍêÀ¤ò¸¡¾Ú¤·¡¢¥Ñ¥Ã¥±¡¼¥¸¤ÎÃæ¿È¤òÄ´ºº¡¢Ê¬ÀϤ·¤Æ¤«¤é³èÍѤ¹¤ë¤³¤È¤¬Ë¾¤Þ¤ì¤Æ¤¤¤ë¡£
