김수키(Kimsuky) 에서 만든 악성코드-Terms and conditions(이용 약관).msc(2024.9.6)
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Direct Powershell - T1059.001 Tool - T1588.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 86f335e8-db3a-4195-ab19-2e869264acbf |
| Fingerprint | 5a552c62e1f00964 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 10, 2024, 11:03 p.m. |
| Added to db | Sept. 10, 2024, 4:51 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | 꿈을꾸는 파랑새 |
| Title | 김수키(Kimsuky) 에서 만든 악성코드-Terms and conditions(이용 약관).msc(2024.9.6) |
| Detected Hints/Tags/Attributes | 23/2/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://wezard4u.tistory.com/429275 |
| Details | Source | http://wezard4u.tistory.com/429275 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 228 | system.io |
|
| Details | Domain | 1 | trojandownloader.agent.ad |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 1 | 'vbqz.mp3 |
|
| Details | File | 2 | vbqz.mp3 |
|
| Details | File | 2 | vbqz.exe |
|
| Details | File | 2 | trojan-downloader.xml |
|
| Details | File | 10 | 송장.bmp |
|
| Details | File | 11 | 악성코드-integration.pdf |
|
| Details | md5 | 2 | 81d224649328a61c899be9403d1de92d |
|
| Details | sha1 | 2 | f4895809cb38fa1f225340e99c05e477a5017111 |
|
| Details | sha256 | 2 | cea22277e0d7fe38a3755bdb8baa9fe203bd54ad4d79c7068116f15a50711b09 |