{"id":106168,"date":"2016-04-08T09:50:16","date_gmt":"2016-04-08T16:50:16","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=106168"},"modified":"2020-04-08T19:56:39","modified_gmt":"2020-04-09T02:56:39","slug":"unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection","status":"publish","type":"post","link":"https:\/\/unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/","title":{"rendered":"Ransomware: Locky, TeslaCrypt and Other Malware Families Use a New Tool to Evade Detection"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>Today, Unit 42, the Palo Alto Networks threat intelligence team, determined that a series of ransomware related to Locky is using a new technique to actively evade detection and attempt to infect endpoints. Using the AutoFocus threat intelligence service, Unit 42 identified subtle changes in Locky behavior and, by correlating global data, discovered a new technique being used to pack multiple ransomware
families. Attackers are constantly searching for new techniques to bypass security controls, and the data from AutoFocus indicates that tradecraft is evolving across a wide range.<\/p>\n<p>Locky is a new ransomware that has appeared since early February 2016. Globally, we have observed more than 1,500 variants and more than 820,000 sessions. More than 6,000 sessions have also been observed in Japan. The primary target is the United States, but it has been found widely around the world.<\/p>\n<div>\n<figure style=\"width: 900px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png\" alt=\"(Distribution map of Locky detections)\" width=\"900\" height=\"448\" \/><figcaption
class=\"wp-caption-text\">(Distribution map of Locky detections)<\/figcaption><\/figure>\n<\/div>\n<p>During analysis, what stood out was that multiple samples of the malware contained code that appeared to call obfuscated APIs. These appear to be generated from an embedded dictionary of words, and to serve to resolve system functions and hide the true functionality from common static analysis tools.<\/p>\n<div>\n<figure style=\"width: 406px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-1.png\" alt=\"(Oddly named variables passed to API calls)\" width=\"406\" height=\"268\" \/><figcaption
class=\"wp-caption-text\">(Oddly named variables passed to API calls)<\/figcaption><\/figure>\n<\/div>\n<p>Tampering with the API calls breaks classification based on key names, which raises the probability that the malware goes undetected. But this is where things get interesting, because this appears to be only the first in a series of false leads planted to deceive the analyst.<\/p>\n<p>Looking at the new samples, the import tables for the libraries loaded at run time differ widely and are in fact not used at run time at all. As a result, import
hashing can no longer provide any kind of meaningful detection. In addition, looking at the version information of the executables, the information differs from sample to sample, but there is a clear pattern that could be used for future identification.<\/p>\n<table border=\"0\" width=\"400\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td valign=\"bottom\" width=\"143\">LegalCopyright<\/td>\n<td valign=\"bottom\" width=\"141\">Copyright \\xa9 2017<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">InternalName<\/td>\n<td valign=\"bottom\" width=\"141\">Phoneticist<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">FileVersion<\/td>\n<td valign=\"bottom\" width=\"141\">218, 158, 104, 112<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">CompanyName<\/td>\n<td valign=\"bottom\" width=\"141\">Cyber Power Systems Inc.<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">ProductName<\/td>\n<td valign=\"bottom\" width=\"141\">Nesting Punk<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">ProductVersion<\/td>\n<td valign=\"bottom\" width=\"141\">221, 202, 46, 180<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"143\">FileDescription<\/td>\n<td valign=\"bottom\" width=\"141\">Skittles<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<table border=\"0\" width=\"400\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td valign=\"bottom\" width=\"147\">LegalCopyright<\/td>\n<td valign=\"bottom\" width=\"147\">Copyright \\xa9 2015<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">InternalName<\/td>\n<td valign=\"bottom\"
width=\"147\">Grated<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">FileVersion<\/td>\n<td valign=\"bottom\" width=\"147\">82, 233, 256, 103<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">CompanyName<\/td>\n<td valign=\"bottom\" width=\"147\">SafeNet Inc.<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">ProductName<\/td>\n<td valign=\"bottom\" width=\"147\">Geomagnetic Espadrilles<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">ProductVersion<\/td>\n<td valign=\"bottom\" width=\"147\">176, 194, 91, 229<\/td>\n<\/tr>\n<tr>\n<td valign=\"bottom\" width=\"147\">FileDescription<\/td>\n<td valign=\"bottom\" width=\"147\">Connectivity<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>The embedded strings differed for each malware sample; some were used and some were not.<\/p>\n<div>\n<figure style=\"width: 975px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-2.png\" alt=\"(Word list)\" width=\"975\" height=\"505\" \/><figcaption
class=\"wp-caption-text\">(Word list)<\/figcaption><\/figure>\n<\/div>\n<p>On closer examination, the author appears to use a large number of words to generate noise and meaningless instructions in order to make analysis harder. From the portion highlighted in red in the figure below, the sample begins the actual unpacking process and uses the PEB structure to locate the base address of kernel32.dll.<\/p>\n<div>\n<figure style=\"width: 938px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-3.png\" alt=\"(Start of PEB usage)\" width=\"938\" height=\"349\" \/><figcaption class=\"wp-caption-text\">(Start of PEB usage)<\/figcaption><\/figure>\n<\/div>\n<p>Each time it runs, it increments a DWORD by one and finally compares the XORed value against 0x958B9963 to check whether kernel32.dll has been found.<\/p>\n<div>\n<figure style=\"width: 975px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-4.png\" alt=\"(When the intended target DLL is found, it is saved in a register)\"
width=\"975\" height=\"187\" \/><figcaption class=\"wp-caption-text\">(When the intended target DLL is found, it is saved in a register)<\/figcaption><\/figure>\n<\/div>\n<p>With the base address of kernel32.dll now held, it begins enumerating functions. During this process it continually modifies variables on the stack, adding further misdirection away from its actual purpose.<\/p>\n<div>\n<figure style=\"width: 975px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-5.png\" alt=\"(Iterating over functions)\" width=\"975\" height=\"388\" \/><figcaption class=\"wp-caption-text\">(Iterating over functions)<\/figcaption><\/figure>\n<\/div>\n<div>\n<figure style=\"width: 807px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-6.png\" alt=\"(Finding the target)\" width=\"807\" height=\"574\" \/><figcaption
class=\"wp-caption-text\">(Finding the target)<\/figcaption><\/figure>\n<\/div>\n<p>Once it locates the VirtualAlloc function in kernel32, it begins placing on the stack the variables needed for the call, while continuing to hide its efforts in noise. As shown next, once the stack is set up, it performs a direct JMP to VirtualAlloc and supplies a return address that eventually leads to two decoding routines.<\/p>\n<div>\n<figure style=\"width: 844px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-7.png\" alt=\"(JMP to VirtualAlloc to allocate space for the encoded data)\" width=\"844\" height=\"451\" \/><figcaption class=\"wp-caption-text\">(JMP to VirtualAlloc to allocate space for the encoded data)<\/figcaption><\/figure>\n<\/div>\n<div>\n<figure style=\"width: 769px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-8.png\" alt=\"(Decoding the data into the allocated space)\" width=\"769\" height=\"853\" \/><figcaption
class=\"wp-caption-text\">(Decoding the data into the allocated space)<\/figcaption><\/figure>\n<\/div>\n<p>When this stage finishes, the malware transfers execution to the newly decoded data and continually modifies itself over multiple iterations.<\/p>\n<div>\n<figure style=\"width: 621px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-9.png\" alt=\"(Self-modifying code at run time)\" width=\"621\" height=\"318\" \/><figcaption class=\"wp-caption-text\">(Self-modifying code at run time)<\/figcaption><\/figure>\n<\/div>\n<p>As seen at the beginning of this article, the abnormal arguments passed to API calls were the first clue that something had been changed. At this stage, the self-modification can be traced into the next series of decoys before business is interrupted again.<\/p>\n<div>\n<figure style=\"width: 638px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-10.png\"
alt=\"(The code keeps JMPing to new offsets, changing all the instructions that follow)\" width=\"638\" height=\"188\" \/><figcaption class=\"wp-caption-text\">(The code keeps JMPing to new offsets, changing all the instructions that follow)<\/figcaption><\/figure>\n<\/div>\n<div>\n<figure style=\"width: 619px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-11.png\" alt=\"(JMP after JMP while hiding deep inside a single real instruction)\" width=\"619\" height=\"207\" \/><figcaption class=\"wp-caption-text\">(JMP after JMP while hiding deep inside a single real instruction)<\/figcaption><\/figure>\n<\/div>\n<p>This eventually leads to a call to LoadLibraryA with a made-up name that does not map to anything. The call ultimately fails and returns a NULL result, which is meaningless but effectively confusing.<\/p>\n<div>\n<figure style=\"width: 618px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-12.png\" alt=\"(More elaborate decoys)\" width=\"618\" height=\"41\" \/><figcaption
class=\"wp-caption-text\">(More elaborate decoys)<\/figcaption><\/figure>\n<\/div>\n<p>Once all of this is complete, it allocates another memory region, as in the process above, then copies the actual malware into it and decodes it.<\/p>\n<div>\n<figure style=\"width: 619px\" class=\"wp-caption aligncenter\"><img  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-13.png\" alt=\"(Final payload of the packer)\" width=\"619\" height=\"656\" \/><figcaption class=\"wp-caption-text\">(Final payload of the packer)<\/figcaption><\/figure>\n<\/div>\n<p>When we extracted the payload, we verified that it was indeed Locky and were able to detect it.<\/p>\n<div>\n<p><img  class=\"aligncenter lozad\"  data-src=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/Locky_Word-of-the-Day-14.png\" \/><\/p>\n<\/div>\n<p>Palo Alto Networks identified this technique as recently adopted by Locky ransomware, and on March 14, 2016 also identified samples of the TeslaCrypt and Andromeda malware families exhibiting it. It is important to understand that this obfuscation can be detected by the dynamic analysis used in combination with static analysis in the WildFire service, and that Palo Alto Networks customers are protected from this threat.<\/p>\n<p>WildFire can detect the new packing technique used by the multiple malware families described in this article, and can further detect each family after unpacking. AutoFocus users can review details of the affected malware families using the
<a href=\"https:\/\/autofocus.paloaltonetworks.com\/#\/tag\/Unit42.Locky\" data-page-track=\"true\" data-page-track-value=\"company:160411-unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection: section: \">Locky<\/a>, <a href=\"https:\/\/autofocus.paloaltonetworks.com\/#\/tag\/Unit42.TeslaCrypt\" data-page-track=\"true\" data-page-track-value=\"company:160411-unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection: section: \">TeslaCrypt<\/a> and <a href=\"https:\/\/autofocus.paloaltonetworks.com\/#\/tag\/Unit42.Andromeda\" data-page-track=\"true\" data-page-track-value=\"company:160411-unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection: section: \">Andromeda<\/a> tags.<\/p>\n<p>We are monitoring Locky exhibiting this technique.<\/p>\n<p>We are monitoring TeslaCrypt exhibiting this technique.<\/p>\n<p>We are monitoring Andromeda exhibiting this technique.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981 Palo
Alto Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit 42\u306f\u672c\u65e5\u3001Locky\u306b\u95a2\u9023\u3059\u308b\u4e00\u9023\u306e\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2\u304c\u3001\u65b0\u305f\u306a\u624b\u6cd5\u3092\u4f7f\u3063\u3066\u80fd\u52d5\u7684\u306b\u691c\u51fa\u3092\u56de\u907f\u3057\u3001\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u3078\u306e\u611f\u67d3\u3092\u8a66\u307f\u3066\u3044\u308b\u3053\u3068\u3092\u7a81\u304d<\/p>\n","protected":false},"author":135,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4321,3057,4428],"tags":[7197,7193,7700],"product_categories":[],"coauthors":[422,463,498],"class_list":["post-106168","post","type-post","status-publish","format-standard","hentry","category-threat-research","category-ransomware-ja","category-threat-research-ja","tag-andromeda-ja","tag-locky-ja","tag-teslacrypt"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f<\/title>\n<meta name=\"description\" content=\"\u6982\u8981 Palo Alto Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" 
content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f\" \/>\n<meta property=\"og:description\" content=\"\u6982\u8981 Palo Alto Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit\" \/>\n<meta property=\"og:url\" content=\"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2016-04-08T16:50:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-04-09T02:56:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png\" \/>\n<meta name=\"author\" content=\"Jeff White, Micah Yates, Chris Astacio\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. 
-->","yoast_head_json":{"title":"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f","description":"\u6982\u8981 Palo Alto Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/","og_locale":"ja_JP","og_type":"article","og_title":"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f","og_description":"\u6982\u8981 Palo Alto Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit","og_url":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/","og_site_name":"Unit 42","article_published_time":"2016-04-08T16:50:16+00:00","article_modified_time":"2020-04-09T02:56:39+00:00","og_image":[{"url":"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png","type":"","width":"","height":""}],"author":"Jeff White, Micah Yates, Chris 
Astacio","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#article","isPartOf":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/"},"author":{"name":"Jeff White","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/32ecb81b6d2fc5ba9e630880df6a8184"},"headline":"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f","datePublished":"2016-04-08T16:50:16+00:00","dateModified":"2020-04-09T02:56:39+00:00","mainEntityOfPage":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/"},"wordCount":2410,"commentCount":0,"image":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#primaryimage"},"thumbnailUrl":"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png","keywords":["Andromeda","Locky","TeslaCrypt"],"articleSection":["Threat 
Research","\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2","\u8105\u5a01\u30ea\u30b5\u30fc\u30c1"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/","url":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/","name":"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#primaryimage"},"image":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#primaryimage"},"thumbnailUrl":"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png","datePublished":"2016-04-08T16:50:16+00:00","dateModified":"2020-04-09T02:56:39+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/32ecb81b6d2fc5ba9e630880df6a8184"},"description":"\u6982\u8981 Palo Alto 
Networks\u306e\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0Unit","breadcrumb":{"@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#primaryimage","url":"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png","contentUrl":"https:\/\/www.paloaltonetworks.jp\/content\/dam\/paloaltonetworks-com\/ja_JP\/Images\/blog\/0411-0.png"},{"@type":"BreadcrumbList","@id":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"\u30e9\u30f3\u30b5\u30e0\u30a6\u30a7\u30a2: Locky\u3001TeslaCrypt\u306a\u3069\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u304c\u65b0\u305f\u306a\u30c4\u30fc\u30eb\u3092\u4f7f\u3063\u3066\u691c\u51fa\u3092\u56de\u907f"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto 
Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/32ecb81b6d2fc5ba9e630880df6a8184","name":"Jeff White","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/4ffb3c2d260a0150fb91b3715442f8b3","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","caption":"Jeff White"},"description":"Principal threat researcher, enterprise R&amp;D, FWaaP, Palo Alto Networks","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/author\/jeff-white\/"}]}},"_links":{"self":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/106168","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/135"}],"replies":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=106168"}],"version-history":[{"count":3,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/106168\/revisions"}],"predecessor-version":[{"id":106171,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/106168\/revisions\/106171"}],"wp:attachment":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=106168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.c
om\/ja\/wp-json\/wp\/v2\/categories?post=106168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=106168"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=106168"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=106168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}