Fake Cisco Job Posting Targets Korean Candidates
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 60770c2b-b803-460e-b322-7d763f6b3b64 |
| Fingerprint | 200e093158bccfc1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 30, 2019, 2:19 p.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 19, 2024, 10:50 p.m. |
| Headline | Vulnerability Information |
| Title | Fake Cisco Job Posting Targets Korean Candidates |
| Detected Hints/Tags/Attributes | 49/1/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2019/01/fake-korean-job-posting.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | www.secuvision.co.kr |
|
| Details | Domain | 2 | www.syadplus.com |
|
| Details | Domain | 3 | ilovesvc.com |
|
| Details | Domain | 904 | snort.org |
|
| Details | File | 2 | descriptions.doc |
|
| Details | File | 750 | kernel32.dll |
|
| Details | File | 1 | 리스트.zip |
|
| Details | File | 29 | jusched.exe |
|
| Details | File | 2 | 이력서_자기소개서.xls |
|
| Details | sha256 | 1 | 809b1201b17a77732be3a9f96a25d64c8eb0f7e7a826c6d86bb2b26e12da7b58 |
|
| Details | sha256 | 1 | adfb60104a6399c0b1a6b4e0544cca34df6ecee5339f08f42b52cdfe51e75dc3 |
|
| Details | sha256 | 1 | bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b |
|
| Details | sha256 | 1 | 1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a |
|
| Details | sha256 | 1 | 7af59922d4c1b4f2d589cb2853afb543b37a1f23da0cf0180a693f9748e05906 |
|
| Details | sha256 | 1 | e259aa1de48fd10b7601c4486b841428fbd6cd1a4752cf0d3bbe1799116ae6e6 |
|
| Details | sha256 | 1 | cd2e8957a2e980ffb82c04e428fed699865542767b257eb888b6732811814a97 |