Shadow Force, Hidden Behind Legitimate Certificates: Seven Years of Activity Revealed
Tags
Common Information
Type Value
UUID 6d8cd628-e164-46e0-aae8-0a3fd595831d
Fingerprint dfff6fc26b9c4459
Analysis status DONE
Considered CTI value 2
Text language
Published April 6, 2020, midnight
Added to db Sept. 26, 2022, 9:33 a.m.
Last updated Oct. 25, 2024, 6:42 a.m.
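Headline Shadow Force, Hidden Behind Legitimate Certificates: Seven Years of Activity Revealed
Title Shadow Force, Hidden Behind Legitimate Certificates: Seven Years of Activity Revealed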
Detected Hints/Tags/Attributes 13/0/19
Attributes
Details Type #Events CTI Value
Details File 21
sqlserver.exe
Details File 3
iatinfect.exe
Details File 4
aio.exe
Details File 119
sqlservr.exe
Details Threat Actor Identifier - APT 66
APT17