Word Malware Disguised as a Summer Academic Conference Biography Form File Being Distributed - ASEC BLOG
Tags
attack-pattern: Software - T1592.002
Common Information
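| Type | Value |
| --- | --- |
| UUID | a9478af8-e9f5-4ad2-a812-1b886f1dfc10 |
| Fingerprint | 5a9ee3cfcafa3afd |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 30, 2021, 10:35 a.m. |
| Added to db | Jan. 30, 2023, 4:33 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Word Malware Disguised as a Summer Academic Conference Biography Form File Being Distributed |
| Title | Word Malware Disguised as a Summer Academic Conference Biography Form File Being Distributed - ASEC BLOG |
| Detected Hints/Tags/Attributes | 8/1/18 |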
Source URLs
Attributes
| Type | #Events | CTI | Value |
| --- | --- | --- | --- |
| Domain | 189 | | asec.ahnlab.com |
| Domain | 1 | | daewon3765.cafe24.com |
| Domain | 1 | | kaisjovrnal.blogspot.com |
| Domain | 5 | | smyun0272.blogspot.com |
| Domain | 1 | | taesan109.myartsonline.com |
| File | 3 | | _양력.doc |
| File | 9 | | %appdata%\desktop.ini |
| File | 98 | | download.php |
| File | 3 | | excelapp.exe |
| File | 196 | | desktop.ini |
| File | 49 | | info.php |
| Url | 2 | | https://asec.ahnlab.com/ko/24220 |
| Url | 1 | | http://daewon3765.cafe24.com/about/down/download.php?filename=[사용자명] |
| Url | 1 | | https://kaisjovrnal.blogspot.com |
| Url | 5 | | https://smyun0272.blogspot.com/2021/06/dootakim.html |
| Url | 1 | | http://daewon3765.cafe24.com/about/post/info.php |
| Url | 1 | | http://taesan109.myartsonline.com/about/post/info.php |
| Windows Registry Key | 18 | | HKCU\Software\Microsoft\Office |