Distribution of Malicious Word File Related to North Korea's April 25th Military Parade - ASEC BLOG
Tags
| country: | North Korea |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | a82c2ab9-0eb6-4191-ab53-d95983e68649 |
| Fingerprint | 8ea3594fdde63b2b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 3, 2022, 12:51 p.m. |
| Added to db | Sept. 11, 2022, 4:59 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Distribution of Malicious Word File Related to North Korea’s April 25th Military Parade |
| Title | Distribution of Malicious Word File Related to North Korea's April 25th Military Parade - ASEC BLOG |
| Detected Hints/Tags/Attributes | 21/2/7 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/33936/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 21 | data.zip |
|
| Details | File | 1 | parade.docm |
|
| Details | File | 18 | data.zip |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 38 | ajax.php |
|
| Details | md5 | 2 | 6cc09bc6e605b59d7eb48eb266f798f8 |
|
| Details | Url | 1 | http://www.namastte.kr/sources/util/ajax.php?fpath=/home/namastte/html/sources/util/temp/data&rename=[analysis].zip |