Lazarus Threat Group Exploiting Vulnerability of Korean Finance Security Solution - ASEC BLOG
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 0ae33759-dbda-4c27-bcbd-655c86f0784e |
| Fingerprint | c4211dc8cd73ac8d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 15, 2023, 8 a.m. |
| Added to db | June 15, 2023, 2:30 a.m. |
| Last updated | Oct. 22, 2024, 1:01 a.m. |
| Headline | Lazarus Threat Group Exploiting Vulnerability of Korean Finance Security Solution |
| Title | Lazarus Threat Group Exploiting Vulnerability of Korean Finance Security Solution - ASEC BLOG |
| Detected Hints/Tags/Attributes | 46/2/48 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/54195/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 17 | ✔ | ASEC | https://asec.ahnlab.com/en/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | knvd.krcert.or.kr |
|
| Details | Domain | 8 | detailsecno.do |
|
| Details | Domain | 2 | www.gongsilbox.com |
|
| Details | Domain | 2 | www.sinae.or.kr |
|
| Details | Domain | 3 | www.bcdm.or.kr |
|
| Details | Domain | 2 | www.hmedical.co.kr |
|
| Details | Domain | 2 | www.coupontreezero.com |
|
| Details | Domain | 2 | ksmarathon.com |
|
| Details | Domain | 2 | www.daehang.com |
|
| Details | Domain | 5 | swt-keystonevalve.com |
|
| Details | Domain | 4 | www.materic.or.kr |
|
| Details | File | 5 | winsync.dll |
|
| Details | File | 2 | microsoftvsa.bin |
|
| Details | File | 2 | wincert.bin |
|
| Details | File | 2 | mseng.bin |
|
| Details | File | 2 | loadconf.exe |
|
| Details | File | 3 | bbs.asp |
|
| Details | File | 35 | index.asp |
|
| Details | File | 3 | edit.asp |
|
| Details | File | 12 | edit.php |
|
| Details | File | 3 | bottom.asp |
|
| Details | File | 2 | excel2.asp |
|
| Details | File | 6 | www.dae |
|
| Details | File | 3 | logout.asp |
|
| Details | File | 6 | cache.php |
|
| Details | File | 2 | equip_ok.asp |
|
| Details | md5 | 4 | E73EAB80B75887D4E8DD6DF33718E3A5 |
|
| Details | md5 | 4 | BA741FA4C7B4BB97165644C799E29C99 |
|
| Details | md5 | 4 | 064D696A93A3790BD3A1B8B76BAAEEF3 |
|
| Details | md5 | 2 | 8ADEEB291B48C97DB1816777432D97FD |
|
| Details | md5 | 4 | 67D306C163B38A06E98DA5711E14C5A7 |
|
| Details | md5 | 4 | C09B062841E2C4D46C2E5270182D4272 |
|
| Details | md5 | 4 | 747177AAD5AEF020B82C6AEABE5B174F |
|
| Details | md5 | 2 | E7C9BF8BF075487A2D91E0561B86D6F5 |
|
| Details | md5 | 2 | 55F0225D58585D60D486A3CC7EB93DE5 |
|
| Details | sha1 | 2 | ec5d5941522d947abd6c9e82e615b46628a2155f |
|
| Details | sha1 | 2 | 3ca6abf845f3528edf58418e5e42a9c1788efe7a |
|
| Details | IPv4 | 4 | 8.0.23.215 |
|
| Details | Url | 6 | https://knvd.krcert.or.kr/detailsecno.do?idx=5881 |
|
| Details | Url | 2 | https://www.gongsilbox.com/board/bbs.asp |
|
| Details | Url | 2 | http://www.sinae.or.kr/sub01/index.asp |
|
| Details | Url | 2 | https://www.bcdm.or.kr/board/type3_d/edit.asp |
|
| Details | Url | 2 | https://www.hmedical.co.kr/include/edit.php |
|
| Details | Url | 2 | https://www.coupontreezero.com/include/bottom.asp |
|
| Details | Url | 2 | http://ksmarathon.com/admin/excel2.asp |
|
| Details | Url | 2 | https://www.daehang.com/member/logout.asp |
|
| Details | Url | 2 | https://swt-keystonevalve.com/data/content/cache/cache.php?mode=read |
|
| Details | Url | 2 | https://www.materic.or.kr/files/board/equip/equip_ok.asp |