APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
Common Information
| Type | Value |
|---|---|
| UUID | 4052a1c2-98d3-4023-9c0a-91bb64162c72 |
| Fingerprint | 9fc16130ee32ff6fc554e2ab9ac8d7a23913c9eb8fd46d3952864eee4b6d9286 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 29, 2023, 10:57 a.m. |
| Added to db | Oct. 31, 2024, 10:54 a.m. |
| Last updated | Oct. 31, 2024, 10:55 a.m. |
| Headline | APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations |
| Title | APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations |
| Detected Hints/Tags/Attributes | 0/0/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://services.google.com/fh/files/misc/apt43-report-en.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | sesorin.lol |
|
| Details | Domain | 1 | pencildown.android |
|
| Details | Domain | 1 | landmark.net |
|
| Details | Domain | 17 | mandiant.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | 6 | info@mandiant.com |
||
| Details | File | 1 | cointoss.xlm |
|
| Details | File | 456 | mshta.exe |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | Mandiant Temporary Group Assumption | 44 | TEMP.HERMIT |
|
| Details | Mandiant Uncategorized Groups | 1 | UNC1758 |
|
| Details | Mandiant Uncategorized Groups | 7 | UNC1069 |
|
| Details | Mandiant Uncategorized Groups | 1 | UNC786 |
|
| Details | Mandiant Uncategorized Groups | 2 | UNC2226 |
|
| Details | Mandiant Uncategorized Groups | 1 | UNC1873 |
|
| Details | Mandiant Uncategorized Groups | 1 | UNC785 |