Trusted Design

Regin

概要

Regin is a multi-purpose data collection tool which dates back several years. Symantec first began looking into this threat in the fall of 2013. Multiple versions of Regin were found in the wild, targeting several corporations, institutions, academics, and individuals. Regin has a wide range of standard capabilities, particularly around monitoring targets and stealing data. It also has the ability to load custom features tailored to individual targets. Some of Regin’s custom payloads point to a high level of specialist knowledge in particular sectors, such as telecoms infrastructure software, on the part of the developers.

Created: 2026-02-23

Indicators

• FileHash-MD5 - d446b1ed24dad48311f287f3c65aeb80 -
• FileHash-SHA1 - e0895336617e0b45b312383814ec6783556d7635 -
• FileHash-SHA1 - 773d7fab06807b5b1bc2d74fa80343e83593caf2 -
• YARA - 480f70c4858995bb55566eb6cff3ffb51b09b568 -
• FileHash-MD5 - 47d0e8f9d7a6429920329207a32ecc2e -
• FileHash-MD5 - db405ad775ac887a337b02ea8b07fddc -
• FileHash-MD5 - b269894f434657db2b15949641a67532 -
• FileHash-SHA1 - 8487a961c8244004c9276979bb4b0c14392fc3b8 -
• FileHash-MD5 - 187044596bc1328efa0ed636d8aa4a5c -
• FileHash-MD5 - 6662c390b2bbbd291ec7987388fc75d7 -
• FileHash-SHA1 - a7b285d4b896b66fce0ebfcd15db53b3a74a0400 -
• YARA - db3319416a238aafe28fb3ac1a7028df7b08ff93 -
• FileHash-MD5 - 885dcd517faf9fac655b8da66315462d -
• FileHash-MD5 - da03648948475b2d0e3e2345d7a9bbbb -
• FileHash-MD5 - bfbe8c3ee78750c3a520480700e440f8 -
• FileHash-SHA256 - fe1419e9dde6d479bd7cda27edd39fafdab2668d498931931a2769b370727129 -
• FileHash-SHA1 - 5164edc1d54f10b7cb00a266a1b52c623ab005e2 -
• FileHash-SHA256 - e420d0cf7a7983f78f5a15e6cb460e93c7603683ae6c41b27bf7f2fa34b2d935 -
• FileHash-MD5 - ba7bb65634ce1e30c1e5415be3d1db1d -
• FileHash-MD5 - 8486ec3112e322f9f468bdea3005d7b5 -
• FileHash-SHA256 - 4139149552b0322f2c5c993abccc0f0d1b38db4476189a9f9901ac0d57a656be -
• FileHash-MD5 - ffb0b9b5b610191051a7bdf0806e1e47 -
• YARA - 990a4596724ed6939af90d209c20ead40d7c91a7 -
• FileHash-MD5 - 26297dc3cd0b688de3b846983c5385e5 -
• YARA - 3a12a0db67ed295e5331558b7fa84f1f4eee13ee -
• FileHash-MD5 - b29ca4f22ae7b7b25f79c1d4a421139d -
• FileHash-MD5 - b505d65721bb2453d5039a389113b566 -
• YARA - faf4eb87e9e4ecb2a924ce3aa31f486995fe01da -
• YARA - 302760187ee77952c6f14f1e98f9bfdf8948adc6 -
• YARA - ef0c4afdcd17f4150b8bdc92e524cfae7905ba78 -
• FileHash-MD5 - 18d4898d82fcb290dfed2a9f70d66833 -
• FileHash-SHA1 - bcf3461d67b39a427c83f9e39b9833cfec977c61 -
• FileHash-MD5 - 29105f46e4d33f66fee346cfd099d1cc -
• FileHash-MD5 - 1c024e599ac055312a4ab75b3950040a -
• YARA - 883499249de4259a30453113a09dbd0b7ffd63c8 -
• FileHash-MD5 - 4b6b86c7fec1c574706cecedf44abded -
• YARA - 56cf5ea6f79923b021acdae40bd4eeb80df9d8c2 -
• YARA - 314650529c9fbde8d9c215054ff2d02fa8b6d35a -
• FileHash-MD5 - e63422e458afdfe111bd0b87c1e9772c -
• FileHash-MD5 - 01c2f321b6bfdb9473c079b0797567ba -
• YARA - 6d3a7566ce588d9e231c835486875aee9f121b4e -
• FileHash-MD5 - c053a0a3f1edcbbfc9b51bc640e808ce -
• FileHash-MD5 - 1e4076caa08e41a5befc52efd74819ea -
• FileHash-MD5 - bddf5afbea2d0eed77f2ad4e9a4f044d -
• FileHash-MD5 - b9e4f9d32ce59e7c4daf6b237c330e25 -
• FileHash-MD5 - d240f06e98c8d3e647cbf4d442d79475 -
• FileHash-MD5 - 6c34031d7a5fc2b091b623981a8ae61c -
• FileHash-MD5 - 744c07e886497f7b68f6f7fe57b7ab54 -
• FileHash-MD5 - 6cf5dc32e1f6959e7354e85101ec219a -
• YARA - 4ee233f27137086de33814d1fce4e0b8fb94ec80 -
• YARA - 353ae6a4252465295bee8a0efdc77f733cc9abbf -
• YARA - 00f636808f97e6788191754bcb1c3f1ea5be23ca -
• FileHash-MD5 - de3547375fbf5f4cb4b14d53f413c503 -
• FileHash-MD5 - 2c8b9d2885543d7ade3cae98225e263b -
• FileHash-MD5 - a1d727340158ec0af81a845abd3963c1 -
• YARA - 21f6dbfce85d8e903560d19c56caf6ca20eac435 -
• FileHash-SHA1 - 732298fa025ed48179a3a2555b45be96f7079712 -
• FileHash-MD5 - 68297fde98e9c0c29cecc0ebf38bde95 -
• FileHash-MD5 - 06665b96e293b23acc80451abb413e50 -
• YARA - 19c97f98c315c68782d980c76a944a0260f61a92 -

類似Pulses

• Regin - Further Investigations by Symantec Aug 2015 (score: 0.78)
• Black Vine: Formidable cyberespionage group (score: 0.46)
• Stegoloader: A Stealthy Information Stealer (score: 0.45)
• Regrun malware on Metadefender.com (score: 0.44)
• T9000: Advanced Modular Backdoor Uses Complex Anti-Analysis (score: 0.44)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る