Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims' Systems
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 30d95573-a34d-4803-8cce-f1a14ef44d00 |
| Fingerprint | 353ebd8529fb8f81 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 2, 2018, 6:51 p.m. |
| Added to db | Sept. 26, 2022, 9:32 a.m. |
| Last updated | Nov. 18, 2024, 1:38 a.m. |
| Headline | Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims’ Systems |
| Title | Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims' Systems |
| Detected Hints/Tags/Attributes | 72/3/55 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | www.golddragon.com |
|
| Details | Domain | 2 | ink.inkboom.co.kr |
|
| Details | Domain | 1 | nid-help-pchange.atwebpages.com |
|
| Details | Domain | 1 | inkboom.co.kr |
|
| Details | Domain | 1 | braveprince.com |
|
| Details | Domain | 1 | trydai.000webhostapp.com |
|
| Details | Domain | 7 | 000webhostapp.com |
|
| Details | Domain | 1 | eodo1.000webhostapp.com |
|
| Details | Domain | 2 | followgho.byethost7.com |
|
| Details | Domain | 1 | minibodegaslock.cl |
|
| Details | File | 2 | 한글추출.exe |
|
| Details | File | 15 | hwp.exe |
|
| Details | File | 1 | viso.exe |
|
| Details | File | 2127 | cmd.exe |
|
| Details | File | 1 | ixe000.bin |
|
| Details | File | 59 | post.php |
|
| Details | File | 98 | download.php |
|
| Details | File | 1 | pi_00.dat |
|
| Details | File | 3 | daumcleaner.exe |
|
| Details | File | 1 | c:\utils\c2ae_uiproxy.exe |
|
| Details | File | 2 | dx.bat |
|
| Details | File | 1 | default_tags.php |
|
| Details | sha1 | 1 | fef671c13039df24e1606d5fdc65c92fbc1578d9 |
|
| Details | sha1 | 1 | 06948ab527ae415f32ed4b0f0d70be4a86b364a5 |
|
| Details | sha1 | 1 | 96a2fda8f26018724c86b275fe9396e24b26ec9e |
|
| Details | sha1 | 1 | ad08a60dc511d9b69e584c1310dbd6039acffa0d |
|
| Details | sha1 | 1 | c2f01355880cd9dfeef75cff189f4a8af421e0d3 |
|
| Details | sha1 | 1 | 615447f458463dc77f7ae3b0a4ad20ca2303027a |
|
| Details | sha1 | 1 | bf21667e4b48b8857020ba455531c9c4f2560740 |
|
| Details | sha1 | 2 | bc6cb78e20cb20285149d55563f6fdcf4aaafa58 |
|
| Details | sha1 | 1 | 465d48ae849bbd6505263f3323e818ccb501ba88 |
|
| Details | sha1 | 1 | a9eb9a1734bb84bbc60df38d4a1e02a870962857 |
|
| Details | sha1 | 2 | 539acd9145befd7e670fe826c248766f46f0d041 |
|
| Details | sha1 | 1 | d63c7d7305a8b2184fff3b0941e596f09287aa66 |
|
| Details | sha1 | 1 | 35e5310b6183469f4995b7cd4f795da8459087a4 |
|
| Details | sha1 | 1 | 11a38a9d23193d9582d02ab0eae767c3933066ec |
|
| Details | sha1 | 1 | e68f43ecb03330ff0420047b61933583b4144585 |
|
| Details | sha1 | 1 | 83706ddaa5ea5ee2cfff54b7c809458a39163a7a |
|
| Details | sha1 | 1 | 3a0c617d17e7f819775e48f7edefe9af84a1446b |
|
| Details | sha1 | 1 | 761b0690cd86fb472738b6dc32661ace5cf18893 |
|
| Details | sha1 | 1 | 7e74f034d8aa4570bd1b7dcfcdfaa52c9a139361 |
|
| Details | sha1 | 1 | 5e1326dd7122e2e2aed04ca4de180d16686853a7 |
|
| Details | sha1 | 1 | 6e13875449beb00884e07a38d0dd2a73afe38283 |
|
| Details | sha1 | 1 | 4f58e6a7a04be2b2ecbcdcbae6f281778fdbd9f9 |
|
| Details | sha1 | 1 | 389db34c3a37fd288e92463302629aa48be06e35 |
|
| Details | sha1 | 1 | 71f337dc65459027f4ab26198270368f68d7ae77 |
|
| Details | sha1 | 1 | 5a7fdfa88addb88680c2f0d5f7095220b4bbffc1 |
|
| Details | sha1 | 1 | 7ae731d666e547b4f3442fe5675c8e8719d8d862 |
|
| Details | IPv4 | 1 | 200.200.200.13 |
|
| Details | IPv4 | 1 | 223.194.70.136 |
|
| Details | Url | 1 | http://ink[dot]inkboom.co.kr/host/img/jpg/post.php |
|
| Details | Url | 1 | http://ink[dot]inkboom.co.kr/host/img/jpg/download.php?filename= |
|
| Details | Url | 1 | https://minibodegaslock.cl:443/components/com_tags/controllers/default_tags.php |
|
| Details | Url | 1 | https://minibodegaslock.cl/components/com_tags/controllers/access_log |
|
| Details | Windows Registry Key | 47 | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |