북한 김수키(Kimsuky) 세종연구소 한반도전략센터장 을 사칭 하는 악성코드-CHEONG ??? Chang Essay FINAL.msc(2024.9.25)
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 58f43ca0-0ca8-40e1-9780-b312c229bbe5 |
| Fingerprint | 3af86f41c1c11ebd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 30, 2024, midnight |
| Added to db | Oct. 29, 2024, 4:29 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | 꿈을꾸는 파랑새 |
| Title | 북한 김수키(Kimsuky) 세종연구소 한반도전략센터장 을 사칭 하는 악성코드-CHEONG ??? Chang Essay FINAL.msc(2024.9.25) |
| Detected Hints/Tags/Attributes | 42/2/31 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://wezard4u.tistory.com/429312 |
| Details | Source | http://wezard4u.tistory.com/429312 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 20 | cve-2024-44068 |
|
| Details | Domain | 1 | cab.7z.zip |
|
| Details | Domain | 1 | odb.stream |
|
| Details | Domain | 11 | ws.run |
|
| Details | Domain | 1 | post0.se |
|
| Details | Domain | 1 | main.dkwis.kro.kr |
|
| Details | Domain | 1 | kimsuky.az |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 1 | +essay+final.docx |
|
| Details | File | 1 | %appdata%\sch_0918.xml |
|
| Details | File | 1 | sch_0918.xml |
|
| Details | File | 1 | %appdata%\sim.exe |
|
| Details | File | 1 | sim.exe |
|
| Details | File | 1 | dksleks.html |
|
| Details | File | 1 | dksleks-1.html |
|
| Details | File | 1 | cab.7z |
|
| Details | File | 1 | dksleks-2.html |
|
| Details | File | 1 | dksleks-3.html |
|
| Details | File | 2 | fs.mov |
|
| Details | File | 1 | agent.xml |
|
| Details | File | 2 | trojan-downloader.xml |
|
| Details | File | 8 | 붙임.chm |
|
| Details | File | 9 | 악성코드-pnx01.apk |
|
| Details | File | 11 | 원리.pdf |
|
| Details | md5 | 1 | 90a7f83dd9cf5e58044cdf56e8ed7079 |
|
| Details | sha1 | 1 | 1080b6fb2060cda252145548d1624a2fd86bd728 |
|
| Details | sha256 | 1 | fd65c7a42458d05219cd6dad15b8ba28712a2d52e2f10a2060341aa03aedbab8 |
|
| Details | IPv4 | 1 | 121.66.72.110 |
|
| Details | Url | 1 | http://main.dkwis.kro.kr:8000/0918_uri_skle/dksleks?na=myapp |
|
| Details | Url | 1 | http://main.dkwis.kro.kr:8000/0918_uri_skle/dksleks?na=myappfest |
|
| Details | Url | 1 | http://121.66.72.110/0918_uri_skle/dksdlf?na=comline |