APT 김수키(Kimsuky)에서 만든 악성코드-pay.bat(2024.11,27)
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | 0bb37dca-27a3-471b-8946-b85615d2b723 |
Fingerprint | 7e7cb6e7c4a35438 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 5, 2024, midnight |
Added to db | Dec. 6, 2024, 12:03 p.m. |
Last updated | Dec. 24, 2024, 5:56 a.m. |
Headline | 꿈을꾸는 파랑새 |
Title | APT 김수키(Kimsuky)에서 만든 악성코드-pay.bat(2024.11,27) |
Detected Hints/Tags/Attributes | 17/2/16 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | http://wezard4u.tistory.com/429348 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 14 | 악성코드-pay.bat |
|
Details | File | 4 | pay.bat |
|
Details | File | 5 | chrome.ps1 |
|
Details | File | 11 | temp.ps1 |
|
Details | File | 2 | santa2-f.txt |
|
Details | File | 1357 | powershell.exe |
|
Details | File | 2 | ystem_first.ps1 |
|
Details | File | 6 | system_first.ps1 |
|
Details | File | 51 | trojan.bat |
|
Details | File | 14 | 악성코드-system_first.ps1 |
|
Details | File | 13 | apt-telegram.txt |
|
Details | md5 | 2 | b262ac518c0114f414aaedbb4ef7c728 |
|
Details | sha1 | 2 | fd02470c6cc4ceb5fad3589d02e5148a8c738b83 |
|
Details | sha256 | 2 | 8e0eb0d36bfd4e28ec6a10acccf899740df7048451229b84715e475e3c91347b |
|
Details | Microsoft Patch Numbers | 16 | KB5046740 |
|
Details | Url | 4 | https://dl.dropboxusercontent |