Kimsuky group: beware of the 'Blue Estimate Part3' APT attack disguised as a genuine resident registration certificate file
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Model
Common Information
Type Value
UUID 127f1439-ad68-473e-8f3a-0508522edd39
Fingerprint 23a87d8d39c56715
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 6, 2020, 11:38 p.m.
Added to db Jan. 30, 2023, 4:32 p.m.
Last updated Oct. 6, 2024, 5:05 p.m.
Headline
Title Kimsuky group: beware of the 'Blue Estimate Part3' APT attack disguised as a genuine resident registration certificate file
Detected Hints/Tags/Attributes 7/2/13
Source URLs
Attributes
Details Type #Events CTI Value
Details Domain 1
www.threatinside.com
Details Domain 2
mernberinfo.tech
Details File 3
model_수정.pdf
Details File 2
주민등록등본.pdf
Details File 1
'주민등록등본.tif
Details File 1
'주민등록등본.pdf
Details File 1
'hero.dll
Details md5 4
35d60d2723c649c97b414b3cb701df1c
Details md5 2
da799d16aed24cf4f8ec62d5048afd1a
Details md5 2
20add5eb5fbe527a8b6090a08e7636a6
Details md5 2
cf87475a87cb2172e73ee6afa7eb6384
Details IPv4 1
213.190.6.159
Details Url 1
https://www.threatinside.com