오퍼레이션 김수키(Kimsuky)의 은밀한 활동, 한국 맞춤형 APT 공격은 현재 진행형
Tags
| attack-pattern: | Data Process Hollowing - T1055.012 Process Hollowing - T1093 |
Common Information
| Type | Value |
|---|---|
| UUID | 39f1bf16-05d2-4949-8889-c799d1586763 |
| Fingerprint | 12cd3ed75fdf6ff9 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 12, 2018, 8:47 p.m. |
| Added to db | Jan. 30, 2023, 4:36 p.m. |
| Last updated | Oct. 16, 2024, 1:06 a.m. |
| Headline | |
| Title | 오퍼레이션 김수키(Kimsuky)의 은밀한 활동, 한국 맞춤형 APT 공격은 현재 진행형 |
| Detected Hints/Tags/Attributes | 17/1/11 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://blog.alyac.co.kr/1536 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 92 | cve-2018-4878 |
|
| Details | Domain | 1 | maii-daum-net.atwebpages.com |
|
| Details | Domain | 2 | ink.inkboom.co.kr |
|
| Details | Domain | 1 | mail.daum.net |
|
| Details | Domain | 3 | www.golddragon.com |
|
| Details | Domain | 1 | www.braveprince.com |
|
| Details | Domain | 1 | nate-on.bugs3.com |
|
| Details | Domain | 1 | www.nate-on.bugs3.com |
|
| Details | Domain | 2 | followgho.byethost7.com |
|
| Details | Domain | 1 | trojan.ransom.hermes |
|
| Details | File | 3 | 'userinit.exe |