ioc[.]one - OSINT Cyber Threat Intelligence Database

김수키(Kimsuky) 조직, 스텔스 파워(Operation Stealth Power) 침묵 작전

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Mshta - T1218.005 Powershell - T1059.001 Mshta - T1170 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	5deeb387-9a5b-49e0-a50b-0c654d7ed194
Fingerprint	2bbefc262db866fc
Analysis status	DONE
Considered CTI value	0
Text language
Published	April 3, 2019, 11:37 a.m.
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline
Title	김수키(Kimsuky) 조직, 스텔스 파워(Operation Stealth Power) 침묵 작전
Detected Hints/Tags/Attributes	19/2/13

Source URLs

	Redirection	Url
Details	Source	https://blog.alyac.co.kr/2234

URL Provider

Details	Provider	Source level domain
Details	alyac.co.kr	blog.alyac.co.kr

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	372		wscript.shell
Details	Domain	13		wshell.run
Details	Domain	1		enindi25-142.godo.co.kr
Details	Domain	1		tcjst.com
Details	File	6		'bin0001.ep
Details	File	9		'mshta.exe
Details	File	5		'expres.php
Details	File	4		'cow.php
Details	File	1209		powershell.exe
Details	File	456		mshta.exe
Details	File	1		'driving.ps1
Details	File	4		'upload.php
Details	IPv4	1		106.249.25.142