국내 기업을 대상으로 공격 중인 하쿠나 마타타(Hakuna matata) 랜섬웨어 - ASEC BLOG
Tags
attack-pattern: Data Rundll32 - T1218.011 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID 1201b48e-8070-42a7-ab50-4d375f6bf8ef
Fingerprint 5dc4ee27362a167c
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 7, 2023, 1:20 p.m.
Added to db Aug. 7, 2023, 8:26 a.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline 국내 기업을 대상으로 공격 중인 하쿠나 마타타(Hakuna matata) 랜섬웨어
Title 국내 기업을 대상으로 공격 중인 하쿠나 마타타(Hakuna matata) 랜섬웨어 - ASEC BLOG
Detected Hints/Tags/Attributes 56/1/32
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/ko/55907/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 18 ASEC https://asec.ahnlab.com/ko/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 23 
techmail.info
Details Domain 74 
proton.me
Details Email 2 
keylan@techmail.info
Details Email 2 
gerb666@proton.me
Details File 2 
rch.exe
Details File 2 
ver7.exe
Details File 5 
bulletspassview64.exe
Details File 3 
dialupass.exe
Details File 7 
mailpv.exe
Details File 5 
mspass.exe
Details File 6 
netpass64.exe
Details File 2 
netrouteview.exe
Details File 5 
rdpv.exe
Details File 5 
routerpassview.exe
Details File 5 
vncpassview.exe
Details File 10 
webbrowserpassview.exe
Details File 5 
wirelesskeyview64.exe
Details File 56 
processhacker.exe
Details File 2 
-id-readme.txt
Details File 351 
recycle.bin
Details File 101 
iconcache.db
Details File 243 
autorun.inf
Details File 143 
thumbs.db
Details File 120 
boot.ini
Details File 90 
bootfont.bin
Details File 66 
ntuser.ini
Details File 196 
desktop.ini
Details File 193 
ntuser.dat
Details File 2 
%localappdata%\rundll32.exe
Details File 131 
tar.gz
Details File 19 
tar.xz
Details md5 2 
1a5dd79047766bd09c27f0336dd22142