고려 대학교 하고 관련이 있을것 같은 김수키(Kimsuky) 만든 악성코드(2024.9.1)
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | a4c8cad8-81bb-464a-ae34-b01a5116ed35 |
| Fingerprint | f8da5a510b69e0ec |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 5, 2024, midnight |
| Added to db | Sept. 4, 2024, 6:22 p.m. |
| Last updated | Nov. 13, 2024, 6:19 p.m. |
| Headline | 꿈을꾸는 파랑새 |
| Title | 고려 대학교 하고 관련이 있을것 같은 김수키(Kimsuky) 만든 악성코드(2024.9.1) |
| Detected Hints/Tags/Attributes | 26/2/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://wezard4u.tistory.com/429269 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 10 | mx.open |
|
| Details | Domain | 2 | mx.re |
|
| Details | File | 33 | c:\windows\system32\notepad.exe |
|
| Details | File | 380 | notepad.exe |
|
| Details | File | 2 | c:\users\admin\appdata\local\temp\tmp760856830.vbs |
|
| Details | File | 2 | tmp760856830.vbs |
|
| Details | File | 2 | lnk.ps |
|
| Details | File | 10 | 송장.bmp |
|
| Details | File | 11 | 악성코드-integration.pdf |
|
| Details | md5 | 2 | 9110aeca8e78ede7b913ac54b4332b00 |
|
| Details | sha1 | 2 | 50f580199250c5b9ca7e9a3b4ccea5d8603eab28 |
|
| Details | sha256 | 2 | bd017c642fcd0b46fb1201f22d395edbf16221ebbcb660f7329fb76067164d07 |