북한 해킹 단체 김수키(Kimsuky)에서 만든 악성코드-강연의뢰서_엄구호 교수님.docx.lnk(2024.6.4)
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | a023ffb1-878e-4b9a-9605-f53874dd5ed4 |
| Fingerprint | 7433174f8b00f7ec |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 28, 2024, midnight |
| Added to db | Aug. 31, 2024, 4:45 a.m. |
| Last updated | Nov. 16, 2024, 11:18 a.m. |
| Headline | 꿈을꾸는 파랑새 |
| Title | 북한 해킹 단체 김수키(Kimsuky)에서 만든 악성코드-강연의뢰서_엄구호 교수님.docx.lnk(2024.6.4) |
| Detected Hints/Tags/Attributes | 26/2/15 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://wezard4u.tistory.com/6843 |
| Details | Source | http://wezard4u.tistory.com/6843 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 228 | system.io |
|
| Details | Domain | 1 | lnkpath.su |
|
| Details | Domain | 339 | system.net |
|
| Details | Domain | 1 | memorystream.cl |
|
| Details | Domain | 10 | item.name |
|
| Details | Domain | 6 | inputstream.read |
|
| Details | Domain | 12 | trojan.link |
|
| Details | File | 5 | 교수님.docx |
|
| Details | File | 3 | 123.docx |
|
| Details | md5 | 2 | 52d073c181531c7f0b8b3aa764c6551d |
|
| Details | sha1 | 1 | a64e0a2e0a9b213966e6325efecc5e0b187f95f9 |
|
| Details | sha256 | 1 | 3065b8e4bb91b4229d1cea671e8959da8be2e7482067e1dd03519c882738045e |
|
| Details | IPv6 | 3 | ::d |
|
| Details | Url | 1 | https://api.dropboxa |
|
| Details | Url | 1 | https://content.dropboxapi |