South Korea Incident - New Malware samples
Common Information
Type Value
UUID 22720d78-c4f5-450f-8c7d-e7307ae28712
Fingerprint 2ed62b4a4dadcae1
Analysis status DONE
Considered CTI value 2
Text language
Published April 24, 2013, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Oct. 1, 2024, 2:41 p.m.
Headline Malware Reversing
Title South Korea Incident - New Malware samples
Detected Hints/Tags/Attributes 32/3/138
Attributes
Details Type #Events CTI Value