APT attack impersonating a 2024 webinar invitation detected
Common Information
Type Value
UUID 7a9d3a60-be19-437d-8c29-b4350a3d8dbc
Fingerprint c95433de69285364
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 16, 2024, midnight
Added to db Aug. 31, 2024, 11:04 a.m.
Last updated Dec. 23, 2024, 11:18 a.m.
Headline APT attack impersonating a 2024 webinar invitation detected
Title APT attack impersonating a 2024 webinar invitation detected
Detected Hints/Tags/Attributes 20/1/30
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 446 Threat Analysis Report-genians https://www.genians.co.kr/blog/threat_intelligence/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 322
APT37