Threat Advisory
Common Information
Type Value
UUID 09ff0549-c554-4e69-8a99-259895777b7c
Fingerprint 1130f4837e695297454626210fe38173a02e1d62a243fef322dfcdf56fefec4e
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 24, 2023, 7:12 p.m.
Added to db Feb. 7, 2024, 7:32 p.m.
Last updated Aug. 31, 2024, 2:24 a.m.
Headline Threat Advisory
Title Threat Advisory
Detected Hints/Tags/Attributes 104/4/50
Attributes
Details Type #Events CTI Value
Details Domain 1
update.cyberlink.com
Details Domain 1
cldownloader.github.io
Details Domain 1
stack.imgur.com
Details Domain 1
www.webville.net
Details Domain 1
mantis.jancom.pl
Details Domain 1
zeduzeventos.busqueabuse.com
Details Domain 397
www.microsoft.com
Details Domain 435
www.hivepro.com
Details File 1
omeo_downloader.exe
Details File 1
erlink_promeo_downloader.exe
Details File 44
logo.png
Details File 1
ndtum.png
Details File 1
cl202966126.png
Details File 1
addin.php
Details File 1
ds.php
Details md5 1
0a08d3601636378f0a7d64fd09e4a13b
Details sha1 1
8aa3877ab68ba56dabc2f2802e813dc36678aef4
Details IBM X-Force - Threat Group Enumeration 6
ITG03
Details Mandiant Uncategorized Groups 9
UNC577
Details Mandiant Uncategorized Groups 44
UNC2970
Details Mandiant Uncategorized Groups 16
UNC4034
Details Mandiant Uncategorized Groups 59
UNC4736
Details Mandiant Uncategorized Groups 21
UNC4899
Details MITRE ATT&CK Techniques 422
T1041
Details MITRE ATT&CK Techniques 33
T1588.003
Details MITRE ATT&CK Techniques 145
T1588
Details MITRE ATT&CK Techniques 67
T1505
Details MITRE ATT&CK Techniques 534
T1005
Details MITRE ATT&CK Techniques 19
T1530
Details MITRE ATT&CK Techniques 504
T1140
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 289
T1003
Details MITRE ATT&CK Techniques 36
T1195.002
Details MITRE ATT&CK Techniques 52
T1195
Details MITRE ATT&CK Techniques 348
T1036
Details MITRE ATT&CK Techniques 365
T1204.002
Details MITRE ATT&CK Techniques 420
T1204
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 24
DEV-0139
Details Threat Actor Identifier - APT-C 30
APT-C-26
Details Threat Actor Identifier by Red Alert 39
SectorA01
Details Threat Actor Identifier by Thales 7
ATK 3
Details Url 1
https://update.cyberlink.com/retail/promeo/rdzcmsfy1ely/cyberl
Details Url 1
https://update.cyberlink.com/retail/patch/promeo/dl/rdzcmsfy1e
Details Url 1
https://cldownloader.github.io/logo.png
Details Url 1
https://i.stack.imgur.com/ndtum.png
Details Url 1
https://www.webville.net/images/cl202966126.png
Details Url 1
https://mantis.jancom.pl/bluemantis/image/addon/addin.php
Details Url 1
https://zeduzeventos.busqueabuse.com/wpadmin/js/widgets/sub/wi
Details Url 2
https://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-
Details Url 2
https://www.hivepro.com/threat-advisory/north-korean-actors-behind-active-exploitation-of-