2006ǯ05·î20Æü
Áí̳¾Ê ¡ØÄÌ¿®¤ÎÈëÌ©¡Ù ¿¯³²¤Ï¥À¥á¡£
Winny¤Ï»È¤Ã¤¿¤³¤È¤¬¤¢¤ê¤Þ¤»¤ó¤¬¡£¤Þ¤¡¡¢¿§¡¹ÏÃÂê¤Ç¤¹¤Î¤Ç
¤Þ¤¿¾Ð¤¨¤ë¥¦¥¤¥ë¥¹¤¬Åо줷¤¿¤ß¤¿¤¤¤Ç¤¹¡£
°¡Î®¤¬¤Ç¤Æ¤¯¤ë¤È¤Ï»×¤¤¤Þ¤¹¤¬º£¤Î½ê¡¢¾®ÁÒÍ¥»Ò¤Î²èÁü¤À¤±¤Ê¤ó¤Ç¤¹¤Í
¾¯¤·ÏäÏÊѤï¤Ã¤Æ¡£
¤Þ¤¡¡¢»ä¤Ï2000ǯ¤ÎÅìµþ¤á¤¿¤ê¤Ã¤¯ÄÌ¿®°ÊÍè¡¢²óÀþ¶È¼Ô¤Ï¤«¤ï¤ê¤Þ¤·¤¿¤¬¡¦¡¦
£Á£Ä£Ó£Ì¤ò»È¤Ã¤Æ¤¤¤Þ¤¹¡£º£¤Î½ê¡¢¸÷¤ËÊѤ¨¤ëµ¤¤Ï¤¢¤ê¤Þ¤»¤ó¤¬
¸÷²óÀþ¤Ë¤·¤¿¿Í¤ÎÌÜŪ¤Ï¤Û¤È¤ó¤É¡¢¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѤΰ١£
¤³¤ì¤¬¡¢¤Á¤ç¤Ã¤ÈÁ°¤Þ¤Ç¤Î¾ï¼±¤À¤È»×¤¤¤Þ¤·¤¿¤¬¡¦¡¦¡¦
²¼¤ê/¾å¤ê®Å٤ȤâºÇÂç100Mbps¤ÈĶ¹â®¡¡¤È¤«¸À¤Ã¤Æ¤â¡¢
£Ð2£Ð¤Ç¤Ï Â礷¤¿Â®Å٤ϸµ¡¹½Ð¤Þ¤»¤ó¤Ç¤·¤¿¤¬¡¦¡¦¡¦¡¦
ºÇ¶á¤Ï¡¢¹¹¤ËÀ©¸Â¤ò¤«¤±¤ë¥×¥í¥Ð¥¤¥À¡¼¤¬Â¿¤¯¤Æ¤Ê¤Ã¤¿¤½¤¦¤Ç¤¹¤¬¡¦¡¦¡¦¡£
¤½¤ó¤ÊÃæ¡¢¤³¤ó¤Ê¥Ë¥å¡¼¥¹¤¬¡¦¡¦¡¦¡£
¥¦¥£¥Ë¡¼ÍøÍѼԤÎÄÌ¿®¼×ÃÇ¡¢ÄÌ¿®¤ÎÈëÌ©¿¯³²¤ÈÁí̳¾Ê
¾ðÊóή½Ð¤Ê¤É¤¬ÌäÂê¤È¤Ê¤Ã¤Æ¤¤¤ë¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥È¡Ö¥¦¥£¥Ë¡¼¡×ÍøÍѼԤËÂФ·¡¢
£Î£Ô£Ô·Ï¤Î¥¤¥ó¥¿¡¼¥Í¥Ã¥ÈÀܳ»ö¶È¡Ê¥×¥í¥Ð¥¤¥À¡¼¡Ë¤Î
¡Ö¤×¤é¤é¥Í¥Ã¥È¥ï¡¼¥¯¥¹¡×¡ÊÅìµþÅÔËÅç¶è¡Ë¤¬ÄÌ¿®¤ò¼×ÃǤ¹¤ë´°Á´µ¬À©¤ò·×²è¤·¤¿¤È¤³¤í¡¢
Áí̳¾Ê¤«¤é¡Ö¥¦¥£¥Ë¡¼¤Î»ÈÍѤò¸¡ÃΤ·¤Æ»È¤¨¤Ê¤¯¤¹¤ë¤Î¤Ï
·ûË¡¤ÎÄê¤á¤ë¡ØÄÌ¿®¤ÎÈëÌ©¡Ù¤ËÄñ¿¨¤¹¤ë¶²¤ì¤¬¤¢¤ë¡×¤È»ØƳ¤ò¼õ¤±¡¢
µ¬À©¤ò»ö¼Â¾åÃÇÇ°¤·¤¿¤³¤È¤¬¤ï¤«¤Ã¤¿¡£
¡Ê2006ǯ5·î18Æü14»þ33ʬ ÆÉÇ俷ʹ¡Ë (cache)
¤Ç¤â¡¢Æ±¤¸µ»ö¤ÎÃæ¤Ç
Áí̳¾Ê¤Ï¡¢¥Ë¥Õ¥Æ¥£¤Ë¤è¤ë¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѸ¡ÃΤ⡢
¡ÖÄÌ¿®¤ÎÈëÌ©¡×¤ËÄñ¿¨¤¹¤ë¶²¤ì¤¬¤¢¤ë¤È¤·¤Æ¤¤¤ë¤¬¡¢
¥Ë¥Õ¥Æ¥£¤Ç¤Ï¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѼԤ˲óÀþ¤¬ÆÈÀꤵ¤ì¡¢
°ìÈÌÍøÍѼԤ¬¤Ä¤Ê¤¬¤ê¤Ë¤¯¤¯¤Ê¤ë¤Ê¤É°±Æ¶Á¤¬½Ð¤Æ¤¤¤ë¤³¤È¤Ê¤É¤«¤é¡¢
Ʊ¾Ê¤Ç¤Ï¡¢¡Ö¥Ë¥Õ¥Æ¥£¤Îµ¬À©¤ÏµöÍƤǤ¤ë¡×¤È¤·¤Æ¤¤¤ë¡£
¤À¤½¤¦¤Ç¤¹¤¬¡¦¡¦¡¦¡£
¡ÖÀ©¸Â¡×¤Ï¤¤¤¤¤±¤É¡Ö¼×ÃǡפϥÀ¥á¡£¤È¸À¤¦¤³¤È¤Ê¤ó¤Ç¤·¤ç¤¦¤«¡©
¤É¤ó¤ÊÊýË¡¤ÇÀ©¸Â¤ò¤«¤±¤Æ¤¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
¡ÊIP¥¢¥É¥ì¥¹¡£¥Ý¡¼¥Èñ°Ì¡£²ñ°÷£É£Ä¡£¡Ë
¤½¤ì¤Ë¤·¤Æ¤â¡¦¡¦¤É¤³¤Þ¤Ç¡¡ÄÌ¿®ÆâÍƤòÇÄ°®¤·¤Æ¤¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
¥×¥é¥¤¥Ð¥·¡¼¤Î¿¯³²¤È¤Ï¤Á¤ç¤Ã¤È¤Á¤¬¤¦¤Ë¤»¤è¡¢¤Á¤ç¤Ã¤ÈÉݤ¤¤Ç¤¹¤¬¡¦¡¦¡¦
¤Þ¤¿¾Ð¤¨¤ë¥¦¥¤¥ë¥¹¤¬Åо줷¤¿¤ß¤¿¤¤¤Ç¤¹¡£
°¡Î®¤¬¤Ç¤Æ¤¯¤ë¤È¤Ï»×¤¤¤Þ¤¹¤¬º£¤Î½ê¡¢¾®ÁÒÍ¥»Ò¤Î²èÁü¤À¤±¤Ê¤ó¤Ç¤¹¤Í
It is reported that the Trojan is found on the Winny file-sharing network with a file name that claims to be a picture of Yuko Ogura.
¥È¥í¥¤¤ÎÌÚÇϤ¬¾®ÁÒÍ¥»Ò¤Î³¨¤Ç¤¢¤ë¤È¼çÄ¥¤¹¤ë¥Õ¥¡¥¤¥ë̾¤Ç¥¦¥£¥Ë¡¼¥Õ¥¡¥¤¥ë¶¦Í¥Í¥Ã¥È¥ï¡¼¥¯¤Ç¸«¤Ä¤«¤ë¤ÈÊó¹ð¤µ¤ì¤Þ¤¹¡£
¥á¥â¡§ %CurrentFolder% is a variable that refers to the folder where the risk was originally
executed.
%CurrentFolder%¤Ï¡¢´í¸±¤¬Åö½é¼Â¹Ô¤µ¤ì¤¿¥Õ¥©¥ë¥À¤Ë¸ÀµÚ¤¹¤ëÊÑ¿ô¤Ç¤¹¡£
The image is a picture of Yuko Ogura.
¥¤¥á¡¼¥¸¤Ï¡¢¾®ÁÒÍ¥»Ò¤Î³¨¤Ç¤¹¡£
¥¦¥¤¥ë¥¹¾ðÊó (ÊÆSymantec)
Symantec Security Response - Trojan.Exponny.B¡¡
¾¯¤·ÏäÏÊѤï¤Ã¤Æ¡£
¤Þ¤¡¡¢»ä¤Ï2000ǯ¤ÎÅìµþ¤á¤¿¤ê¤Ã¤¯ÄÌ¿®°ÊÍè¡¢²óÀþ¶È¼Ô¤Ï¤«¤ï¤ê¤Þ¤·¤¿¤¬¡¦¡¦
£Á£Ä£Ó£Ì¤ò»È¤Ã¤Æ¤¤¤Þ¤¹¡£º£¤Î½ê¡¢¸÷¤ËÊѤ¨¤ëµ¤¤Ï¤¢¤ê¤Þ¤»¤ó¤¬
¸÷²óÀþ¤Ë¤·¤¿¿Í¤ÎÌÜŪ¤Ï¤Û¤È¤ó¤É¡¢¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѤΰ١£
¤³¤ì¤¬¡¢¤Á¤ç¤Ã¤ÈÁ°¤Þ¤Ç¤Î¾ï¼±¤À¤È»×¤¤¤Þ¤·¤¿¤¬¡¦¡¦¡¦
²¼¤ê/¾å¤ê®Å٤ȤâºÇÂç100Mbps¤ÈĶ¹â®¡¡¤È¤«¸À¤Ã¤Æ¤â¡¢
£Ð2£Ð¤Ç¤Ï Â礷¤¿Â®Å٤ϸµ¡¹½Ð¤Þ¤»¤ó¤Ç¤·¤¿¤¬¡¦¡¦¡¦¡¦
ºÇ¶á¤Ï¡¢¹¹¤ËÀ©¸Â¤ò¤«¤±¤ë¥×¥í¥Ð¥¤¥À¡¼¤¬Â¿¤¯¤Æ¤Ê¤Ã¤¿¤½¤¦¤Ç¤¹¤¬¡¦¡¦¡¦¡£
¤½¤ó¤ÊÃæ¡¢¤³¤ó¤Ê¥Ë¥å¡¼¥¹¤¬¡¦¡¦¡¦¡£
¥¦¥£¥Ë¡¼ÍøÍѼԤÎÄÌ¿®¼×ÃÇ¡¢ÄÌ¿®¤ÎÈëÌ©¿¯³²¤ÈÁí̳¾Ê
¾ðÊóή½Ð¤Ê¤É¤¬ÌäÂê¤È¤Ê¤Ã¤Æ¤¤¤ë¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥È¡Ö¥¦¥£¥Ë¡¼¡×ÍøÍѼԤËÂФ·¡¢
£Î£Ô£Ô·Ï¤Î¥¤¥ó¥¿¡¼¥Í¥Ã¥ÈÀܳ»ö¶È¡Ê¥×¥í¥Ð¥¤¥À¡¼¡Ë¤Î
¡Ö¤×¤é¤é¥Í¥Ã¥È¥ï¡¼¥¯¥¹¡×¡ÊÅìµþÅÔËÅç¶è¡Ë¤¬ÄÌ¿®¤ò¼×ÃǤ¹¤ë´°Á´µ¬À©¤ò·×²è¤·¤¿¤È¤³¤í¡¢
Áí̳¾Ê¤«¤é¡Ö¥¦¥£¥Ë¡¼¤Î»ÈÍѤò¸¡ÃΤ·¤Æ»È¤¨¤Ê¤¯¤¹¤ë¤Î¤Ï
·ûË¡¤ÎÄê¤á¤ë¡ØÄÌ¿®¤ÎÈëÌ©¡Ù¤ËÄñ¿¨¤¹¤ë¶²¤ì¤¬¤¢¤ë¡×¤È»ØƳ¤ò¼õ¤±¡¢
µ¬À©¤ò»ö¼Â¾åÃÇÇ°¤·¤¿¤³¤È¤¬¤ï¤«¤Ã¤¿¡£
¡Ê2006ǯ5·î18Æü14»þ33ʬ ÆÉÇ俷ʹ¡Ë (cache)
¤Ç¤â¡¢Æ±¤¸µ»ö¤ÎÃæ¤Ç
Áí̳¾Ê¤Ï¡¢¥Ë¥Õ¥Æ¥£¤Ë¤è¤ë¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѸ¡ÃΤ⡢
¡ÖÄÌ¿®¤ÎÈëÌ©¡×¤ËÄñ¿¨¤¹¤ë¶²¤ì¤¬¤¢¤ë¤È¤·¤Æ¤¤¤ë¤¬¡¢
¥Ë¥Õ¥Æ¥£¤Ç¤Ï¥Õ¥¡¥¤¥ë¸ò´¹¥½¥Õ¥ÈÍøÍѼԤ˲óÀþ¤¬ÆÈÀꤵ¤ì¡¢
°ìÈÌÍøÍѼԤ¬¤Ä¤Ê¤¬¤ê¤Ë¤¯¤¯¤Ê¤ë¤Ê¤É°±Æ¶Á¤¬½Ð¤Æ¤¤¤ë¤³¤È¤Ê¤É¤«¤é¡¢
Ʊ¾Ê¤Ç¤Ï¡¢¡Ö¥Ë¥Õ¥Æ¥£¤Îµ¬À©¤ÏµöÍƤǤ¤ë¡×¤È¤·¤Æ¤¤¤ë¡£
¤À¤½¤¦¤Ç¤¹¤¬¡¦¡¦¡¦¡£
¡ÖÀ©¸Â¡×¤Ï¤¤¤¤¤±¤É¡Ö¼×ÃǡפϥÀ¥á¡£¤È¸À¤¦¤³¤È¤Ê¤ó¤Ç¤·¤ç¤¦¤«¡©
¤É¤ó¤ÊÊýË¡¤ÇÀ©¸Â¤ò¤«¤±¤Æ¤¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
¡ÊIP¥¢¥É¥ì¥¹¡£¥Ý¡¼¥Èñ°Ì¡£²ñ°÷£É£Ä¡£¡Ë
¤½¤ì¤Ë¤·¤Æ¤â¡¦¡¦¤É¤³¤Þ¤Ç¡¡ÄÌ¿®ÆâÍƤòÇÄ°®¤·¤Æ¤¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
¥×¥é¥¤¥Ð¥·¡¼¤Î¿¯³²¤È¤Ï¤Á¤ç¤Ã¤È¤Á¤¬¤¦¤Ë¤»¤è¡¢¤Á¤ç¤Ã¤ÈÉݤ¤¤Ç¤¹¤¬¡¦¡¦¡¦
¡¡»²¾È¥ê¥ó¥¯¤Î̵¤¤TB¤Ï¤´±óθ²¼¤µ¤¤¡£¥³¥á¥ó¥ÈTB¤Ï¡¢³Îǧ¸åɽ¼¨¤¹¤ëÀßÄê¤Ç¤¹¡£
¡¡
¡¡¸ø³«¤µ¤ì¤¿¤¯¤Ê¤¤¤´°Õ¸«¤´´¶ÁۤϤ½¤Î»Ý¤òź¤¨¤ÆÁ÷¿®¤ò¤ª´ê¤¤¤·¤Þ¤¹¡£