北 연계 탈륨조직, '블루 에스티메이트(Blue Estimate)' APT 캠페인 지속
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Firmware - T1592.003 |
Common Information
| Type | Value |
|---|---|
| UUID | 861ad395-adf4-4711-8720-520b092fe207 |
| Fingerprint | d2eebc1015b2ac23 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 12, 2020, 1:48 a.m. |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 17, 2024, 11:36 p.m. |
| Headline | |
| Title | 北 연계 탈륨조직, '블루 에스티메이트(Blue Estimate)' APT 캠페인 지속 |
| Detected Hints/Tags/Attributes | 15/2/90 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.alyac.co.kr/3368 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | kaist-ac.xyz |
|
| Details | Domain | 1 | kaist.r-naver.com |
|
| Details | Domain | 1 | kaist.krfa.ml |
|
| Details | Domain | 1 | www.kaist-ac.xyz |
|
| Details | Domain | 1 | mail.kaist-ac.xyz |
|
| Details | Domain | 1 | vpn.karist.cf |
|
| Details | Domain | 3 | app.veryton.ml |
|
| Details | Domain | 3 | porkbun.com |
|
| Details | Domain | 97 | virustotal.com |
|
| Details | Domain | 5 | eastsea.or.kr |
|
| Details | Domain | 1 | appmedicine.whoint.cf |
|
| Details | Domain | 1 | assembly-check-loader.pe.hu |
|
| Details | Domain | 1 | bigfile.hol.es |
|
| Details | Domain | 2 | bigfile.pe.hu |
|
| Details | Domain | 3 | check.sejong-downloader.pe.hu |
|
| Details | Domain | 1 | ck.daum-vip.pe.hu |
|
| Details | Domain | 1 | daum-do.pe.hu |
|
| Details | Domain | 2 | daurn.pe.hu |
|
| Details | Domain | 1 | gabia.pe.hu |
|
| Details | Domain | 1 | mail.astrozeneca.ml |
|
| Details | Domain | 1 | members.daurn.hol.es |
|
| Details | Domain | 1 | who.miniodaum.ml |
|
| Details | Domain | 1 | nagoya.datastore.pe.hu |
|
| Details | Domain | 2 | naver.hol.es |
|
| Details | Domain | 1 | snu.ac-kr.esy.es |
|
| Details | Domain | 4 | suzuki.datastore.pe.hu |
|
| Details | Domain | 1 | toyota.datastore.pe.hu |
|
| Details | Domain | 3 | upload.bigfile-nate.pe.hu |
|
| Details | Domain | 1 | kasse.hdactech.info |
|
| Details | Domain | 1 | firmware.kasse-tech.club |
|
| Details | Domain | 3 | updown.kasse-tech.club |
|
| Details | Domain | 1 | hi-hardwallet.esy.es |
|
| Details | Domain | 1 | wallet-info.esy.es |
|
| Details | Domain | 1 | upd.hdac-tech.buzz |
|
| Details | Domain | 1 | hdac.wallet-info.esy.es |
|
| Details | Domain | 1 | orbit.wallet-info.esy.es |
|
| Details | Domain | 3 | bmail-or-kr.esy.es |
|
| Details | Domain | 5 | my-homework.890m.com |
|
| Details | Domain | 2 | kimm.r-naver.com |
|
| Details | Domain | 1 | renk-ag.member-info.net |
|
| Details | Domain | 1 | genexine.member-info.net |
|
| Details | Domain | 1 | shinpoong.r-naver.com |
|
| Details | Domain | 1 | shinpoong.accountcheck.net |
|
| Details | Domain | 1 | jnj.accountcheck.net |
|
| Details | Domain | 1 | bidmc.accountcheck.net |
|
| Details | Domain | 1 | vdaum.net |
|
| Details | Domain | 1 | outlook.accountcheck.net |
|
| Details | Domain | 1 | pusan.accountcheck.net |
|
| Details | Domain | 1 | binance.member-info.net |
|
| Details | Domain | 1 | yahoocenter.member-info.net |
|
| Details | Domain | 1 | yonsei.member-info.net |
|
| Details | Domain | 1 | shkj.hol.es |
|
| Details | Domain | 1 | logenv.rrnaver.com |
|
| Details | Domain | 1 | nidlogin.c-naver.com |
|
| Details | Domain | 1 | ukroboronprom.udaum.net |
|
| Details | Domain | 1 | mail.otokar.esy.es |
|
| Details | Domain | 1 | mail.malyshevplant.hol.es |
|
| Details | Domain | 1 | logins.udaum.net |
|
| Details | Domain | 1 | email-hanwha.pe.hu |
|
| Details | Domain | 1 | ahnlab-vac.hol.es |
|
| Details | Domain | 1175 | gmail.com |
|
| Details | Domain | 272 | outlook.com |
|
| Details | Domain | 1 | accountcheck.net |
|
| Details | Domain | 4 | member-authorize.com |
|
| Details | Domain | 1 | udaum.net |
|
| Details | Domain | 2 | rrnaver.com |
|
| Details | Domain | 1 | daum-center.net |
|
| Details | Domain | 1 | duaum.net |
|
| Details | Domain | 2 | pro-navor.com |
|
| Details | Domain | 1 | member-info.net |
|
| Details | Domain | 3 | webuserinfo.com |
|
| Details | Domain | 1 | snt.member-info.com |
|
| Details | Domain | 1 | naver.member-info.net |
|
| Details | Domain | 1 | nhn.webuserinfo.com |
|
| Details | Domain | 16 | rebrand.ly |
|
| Details | 1 | nextstep.php@gmail.com |
||
| Details | 1 | parksonghui1910@gmail.com |
||
| Details | 1 | yourtest111@outlook.com |
||
| Details | File | 1 | nagoya.dat |
|
| Details | File | 3 | suzuki.dat |
|
| Details | File | 1 | toyota.dat |
|
| Details | File | 1 | hdac.wallet |
|
| Details | File | 1 | orbit.wallet |
|
| Details | File | 1 | 'nextstep.php |
|
| Details | IPv4 | 2 | 185.224.137.164 |
|
| Details | IPv4 | 4 | 185.224.138.29 |
|
| Details | IPv4 | 1 | 143.248.155.65 |
|
| Details | IPv4 | 1 | 216.189.159.36 |
|
| Details | IPv4 | 1 | 45.13.135.103 |
|
| Details | Url | 1 | https://porkbun.com |