Common Information
Type Value
Value
Downloads a file from http://5645780.c1.biz//index.php?user_id=trap&auth=trap&pw=trap and saves it to %temp%\fxsaaenpilogfile.txt (md5: 1ae5b24456d9751dbd15c5c4fccef261), then uses expand to decompress the downloaded file and executes the check.bat contained in it
Category
Type Url
Misp Type
Description
Details Published Attributes CTI Title
Details Website 2022-02-21 59 Analysis of attack activity by the APT-C-28 (ScarCruft) group targeting South Korea