Rewterz Threat Alert – COVID themed targeting from North Korean Kimsuky - Rewterz
Tags
country: | North Korea |
attack-pattern: | Trap - T1546.005 | Trap - T1154 |
Common Information
Type | Value |
---|---|
UUID | 89c42031-8f91-4e93-9835-c1195f9ee737 |
Fingerprint | 8abe90510ea7abee |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | March 20, 2020, 11:43 a.m. |
Added to db | Dec. 19, 2024, 10:37 a.m. |
Last updated | Dec. 19, 2024, 3:06 p.m. |
Headline | Rewterz Threat Alert – COVID themed targeting from North Korean Kimsuky |
Title | Rewterz Threat Alert – COVID themed targeting from North Korean Kimsuky - Rewterz |
Detected Hints/Tags/Attributes | 19/2/13 |
Source URLs
URL Provider
Attributes