Lazarus APT IOCs - Part 16 - SEC-1275-1
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | 98d1553e-1837-43af-9963-99575916ce83 |
| Fingerprint | 409cda1b439e7a5c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 30, 2023, midnight |
| Added to db | Oct. 30, 2023, 6:56 a.m. |
| Last updated | Nov. 17, 2024, 12:58 p.m. |
| Headline | Lazarus APT IOCs - Part 16 |
| Title | Lazarus APT IOCs - Part 16 - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 18/1/115 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/2778/lazarus-apt-iocs-part-16/?from=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | ictm.or.kr |
|
| Details | Domain | 2 | samwoosystem.co.kr |
|
| Details | Domain | 2 | theorigin.co.kr |
|
| Details | Domain | 2 | ucware.net |
|
| Details | Domain | 2 | www.friendmc.com |
|
| Details | Domain | 3 | www.hankooktop.com |
|
| Details | Domain | 2 | www.khmcpharm.com |
|
| Details | Domain | 2 | www.vietjetairkorea.com |
|
| Details | Domain | 3 | yoohannet.kr |
|
| Details | Domain | 2 | admin.esangedu.kr |
|
| Details | Domain | 2 | api.shw.kr |
|
| Details | Domain | 3 | hicar.kalo.kr |
|
| Details | Domain | 2 | hspje.com |
|
| Details | Domain | 2 | kscmfs.or.kr |
|
| Details | Domain | 2 | kstr.radiology.or.kr |
|
| Details | Domain | 2 | little-pet.com |
|
| Details | Domain | 3 | mainbiz.or.kr |
|
| Details | Domain | 2 | new-q-cells.com |
|
| Details | Domain | 2 | pediatrics.or.kr |
|
| Details | Domain | 3 | pms.nninc.co.kr |
|
| Details | Domain | 3 | safemotors.co.kr |
|
| Details | Domain | 5 | swt-keystonevalve.com |
|
| Details | Domain | 2 | vnfmal2022.com |
|
| Details | Domain | 4 | warevalley.com |
|
| Details | Domain | 2 | www.blastedlevels.com |
|
| Details | Domain | 3 | www.droof.kr |
|
| Details | Domain | 3 | www.hanlasangjo.com |
|
| Details | Domain | 3 | www.happinesscc.com |
|
| Details | Domain | 2 | www.healthpro.or.kr |
|
| Details | Domain | 2 | view.inc |
|
| Details | Domain | 3 | www.medric.or.kr |
|
| Details | Domain | 3 | www.muijae.com |
|
| Details | Domain | 2 | www.nonstopexpress.com |
|
| Details | Domain | 2 | www.seoulanesthesia.or.kr |
|
| Details | Domain | 2 | www.seouldementia.or.kr |
|
| Details | Domain | 3 | www.siriuskorea.co.kr |
|
| Details | File | 1204 | index.php |
|
| Details | File | 1 | write.asp |
|
| Details | File | 1 | asp20062107.asp |
|
| Details | File | 4 | info.asp |
|
| Details | File | 1 | read.cer |
|
| Details | File | 4 | proc.php |
|
| Details | File | 44 | submit.php |
|
| Details | File | 1 | login_fail.php |
|
| Details | File | 1 | inc.asp |
|
| Details | File | 1 | teacher_qna.asp |
|
| Details | File | 1 | log_proc.php |
|
| Details | File | 1 | 29431_1687715624.inc |
|
| Details | File | 12 | read.php |
|
| Details | File | 3 | common.asp |
|
| Details | File | 3 | edit.asp |
|
| Details | File | 4 | frame.php |
|
| Details | File | 1 | build_css.php |
|
| Details | File | 1 | inc_list.asp |
|
| Details | File | 3 | template.asp |
|
| Details | File | 1 | page_tab.asp |
|
| Details | File | 1 | measure.asp |
|
| Details | File | 1 | editor.asp |
|
| Details | File | 4 | page.asp |
|
| Details | File | 2 | func.asp |
|
| Details | File | 1 | view.inc |
|
| Details | File | 2 | certificate.cer |
|
| Details | File | 1 | simple.asp |
|
| Details | File | 35 | index.asp |
|
| Details | File | 1 | mail_211230.html |
|
| Details | File | 1 | jiyeuk1_ok.asp |
|
| Details | File | 1 | bbs_read.asp |
|
| Details | md5 | 2 | 31af3e7fff79bc48a99b8679ea74b589 |
|
| Details | md5 | 2 | 3a77b5054c36e6812f07366fb70b007d |
|
| Details | md5 | 2 | 54df2984e833ba2854de670cce43b823 |
|
| Details | md5 | 2 | 88a96f8730b35c7406d57f23bbba734d |
|
| Details | md5 | 2 | 9b62352851c9f82157d1d7fcafeb49d3 |
|
| Details | md5 | 2 | 9cd90dff2d9d56654dbecdcd409e1ef3 |
|
| Details | md5 | 2 | Ae00b0f490b122ebab614d98bb2361f7 |
|
| Details | md5 | 2 | e6fa116ef2705ecf9677021e5e2f691e |
|
| Details | md5 | 2 | E89fa6345d06da32f9c8786b65111928 |
|
| Details | Url | 2 | http://ictm.or.kr/upload_file/board/free/edit/index.php |
|
| Details | Url | 2 | http://samwoosystem.co.kr/board/list/write.asp |
|
| Details | Url | 2 | http://theorigin.co.kr:443/admin/management/index.php |
|
| Details | Url | 2 | http://ucware.net/skins/phpmailer-master/index.php |
|
| Details | Url | 2 | http://www.friendmc.com/upload/board/asp20062107.asp |
|
| Details | Url | 3 | http://www.hankooktop.com/ko/company/info.asp |
|
| Details | Url | 2 | http://www.khmcpharm.com/lib/modules/htmleditor/util/read.cer |
|
| Details | Url | 2 | http://www.vietjetairkorea.com/info/info.asp |
|
| Details | Url | 3 | http://yoohannet.kr/min/tmp/process/proc.php |
|
| Details | Url | 2 | https://admin.esangedu.kr/xpaysample/submit.php |
|
| Details | Url | 2 | https://api.shw.kr/login_admin/member/login_fail.php |
|
| Details | Url | 2 | https://hicar.kalo.kr/data/rental/coupon/include/inc.asp |
|
| Details | Url | 2 | https://hspje.com:80/menu6/teacher_qna.asp |
|
| Details | Url | 2 | https://kscmfs.or.kr/member/handle/log_proc.php |
|
| Details | Url | 2 | https://kstr.radiology.or.kr/upload/schedule/29431_1687715624.inc |
|
| Details | Url | 2 | https://little-pet.com/web/board/skin/default/read.php |
|
| Details | Url | 2 | https://mainbiz.or.kr/include/common.asp |
|
| Details | Url | 2 | https://mainbiz.or.kr/smarteditor2/photo_uploader/popup/edit.asp |
|
| Details | Url | 2 | https://new-q-cells.com/upload/newsletter/cn/frame.php |
|
| Details | Url | 2 | https://pediatrics.or.kr/pubreader/build_css.php |
|
| Details | Url | 2 | https://pms.nninc.co.kr/app/content/board/inc_list.asp |
|
| Details | Url | 2 | https://safemotors.co.kr/daumeditor/pages/template/template.asp |
|
| Details | Url | 2 | https://swt-keystonevalve.com/data/editor/index.php |
|
| Details | Url | 2 | https://vnfmal2022.com/niabbs5/upload/gongji/index.php |
|
| Details | Url | 2 | https://warevalley.com/en/common/include/page_tab.asp |
|
| Details | Url | 2 | https://www.blastedlevels.com/levels4sqr8/measure.asp |
|
| Details | Url | 2 | https://www.droof.kr/board/htmledit/popupwin/editor.asp |
|
| Details | Url | 2 | https://www.friendmc.com:80/upload/board/asp20062107.asp |
|
| Details | Url | 2 | https://www.hanlasangjo.com/editor/pages/page.asp |
|
| Details | Url | 3 | https://www.happinesscc.com/mobile/include/func.asp |
|
| Details | Url | 2 | https://www.healthpro.or.kr/upload/naver_editor/subview/view.inc |
|
| Details | Url | 2 | https://www.medric.or.kr/controls/board/certificate.cer |
|
| Details | Url | 2 | https://www.muijae.com/daumeditor/pages/template/simple.asp |
|
| Details | Url | 2 | https://www.muijae.com/daumeditor/pages/template/template.asp |
|
| Details | Url | 2 | https://www.nonstopexpress.com/community/include/index.asp |
|
| Details | Url | 2 | https://www.seoulanesthesia.or.kr/mail/mail_211230.html |
|
| Details | Url | 2 | https://www.seouldementia.or.kr/_manage/inc/bbs/jiyeuk1_ok.asp |
|
| Details | Url | 2 | https://www.siriuskorea.co.kr/mall/community/bbs_read.asp |
|
| Details | Url | 2 | https://yoohannet.kr/min/tmp/process/proc.php |