Malicious Help File Disguised as COVID-19 Infectee Notice Being Distributed in Korea - ASEC BLOG
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 27e17d8a-22a3-4378-8a9c-780c9ef6c67f |
| Fingerprint | 268bc99193c4739 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 5, 2022, 9:49 a.m. |
| Added to db | Sept. 11, 2022, 4:59 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Malicious Help File Disguised as COVID-19 Infectee Notice Being Distributed in Korea |
| Title | Malicious Help File Disguised as COVID-19 Infectee Notice Being Distributed in Korea - ASEC BLOG |
| Detected Hints/Tags/Attributes | 19/2/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/33486/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 28 | dl.dropboxusercontent.com |
|
| Details | File | 34 | hh.exe |
|
| Details | File | 8 | chmext.exe |
|
| Details | File | 6 | intelrst.exe |
|
| Details | File | 5 | zs_url.txt |
|
| Details | md5 | 6 | 210db61d1b11c1d233fd8a0645946074 |
|
| Details | md5 | 4 | 619649ce3fc1682c702d9159e778f8fd |
|
| Details | md5 | 4 | bb71af5c5a113a050ff5928535d3465e |
|
| Details | Url | 4 | https://dl.dropboxusercontent.com/s/k288s9tu2o53v41/zs_url.txt?dl=0 |