North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware - RedPacket Security
Tags
attack-pattern: Data Cloud Services - T1021.007 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID 989395ad-f293-45ce-ae51-ff7af48ae997
Fingerprint 14ca5d1b8e2e37c5
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 16, 2024, 12:02 p.m.
Added to db Oct. 16, 2024, 1:11 p.m.
Last updated Nov. 12, 2024, 11:52 a.m.
Headline North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
Title North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware - RedPacket Security
Detected Hints/Tags/Attributes 43/1/5
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/north-korean-scarcruft-exploits-windows-zero-day-to-spread-rokrat-malware/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 44 
cve-2024-38178
Details CVE 22 
cve-2020-1380
Details CVE 29 
cve-2022-41128
Details File 29 
jscript9.dll
Details Threat Actor Identifier - APT 277 
APT37