.NET 외형의 FormBook 악성코드 유포 중 - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID 8fced447-07ce-474f-9aa3-eadbc838631b
Fingerprint 27d05d4168537bd8
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 19, 2022, 9:07 a.m.
Added to db Jan. 16, 2023, 3:52 p.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline .NET 외형의 FormBook 악성코드 유포 중
Title .NET 외형의 FormBook 악성코드 유포 중 - ASEC BLOG
Detected Hints/Tags/Attributes 7/2/10
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/ko/40167/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
Attributes
Details Type #Events CTI Value
Details Domain 45 
paste.ee
Details Domain 4 
www.gastries.info
Details File 1260 
explorer.exe
Details File 13 
addinprocess32.exe
Details File 533 
ntdll.dll
Details File 1 
%windir%\system32 폴더 내 임의의 정상 파일을 explorer.exe
Details File 2 
gastries.inf
Details md5 2 
45ab0352a69644eb2305982585fa53f8
Details Url 2 
http://paste.ee/8iodo/0
Details Url 2 
http://www.gastries.info/keb5