HWP and PostScript Abused Via Malicious Attachments
Tags
country: South Korea
attack-pattern: Malware - T1587.001 Malware - T1588.001 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 12d97886-f3ff-43a5-ad28-f0cac7c3c80a
Fingerprint b0602a4905376b80
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 14, 2017, midnight
Added to db Oct. 15, 2024, 5:12 p.m.
Last updated Dec. 21, 2024, 3:59 a.m.
Headline HWP and PostScript Abused Via Malicious Attachments
Title HWP and PostScript Abused Via Malicious Attachments
Detected Hints/Tags/Attributes 17/2/2
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ca/research/17/i/hangul-word-processor-postscript-abused-malicious-attachments.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details File 4 
gswin32c.exe
Details File 331 
calc.exe