Rewterz Threat Alert – Kimsuky APT Group – Active IOCs - Rewterz
Tags
attack-pattern: Software - T1592.002
Common Information
Type Value
UUID 5a7b074e-161d-42c4-bfb4-8fb64587f126
Fingerprint 85ae00454e969f0f
Analysis status DONE
Considered CTI value 2
Text language
Published July 16, 2021, 10:02 a.m.
Added to db Dec. 19, 2024, 1:13 a.m.
Last updated Dec. 19, 2024, 9:47 a.m.
Headline Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
Title Rewterz Threat Alert – Kimsuky APT Group – Active IOCs - Rewterz
Detected Hints/Tags/Attributes 23/1/56
Attributes
Details Type #Events CTI Value
Details CVE 3
cve-2021-1422