ioc[.]one - OSINT Cyber Threat Intelligence Database

국내 금융 기업 및 보험사를 사칭한 CHM 악성코드 - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	b1e1ccc9-06f9-4dc9-bfa1-8a9cb42c4010
Fingerprint	d9090a66adb52879
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 20, 2023, 11:17 a.m.
Added to db	Aug. 13, 2023, 3:40 p.m.
Last updated	Oct. 6, 2024, 9:15 p.m.
Headline	국내 금융 기업 및 보험사를 사칭한 CHM 악성코드
Title	국내 금융 기업 및 보험사를 사칭한 CHM 악성코드 - ASEC BLOG
Detected Hints/Tags/Attributes	11/2/15

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/ko/55351/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	18	✔	ASEC	https://asec.ahnlab.com/ko/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	4		ppangz.mom
Details	Domain	7		atusay.lat
Details	Domain	4		labimy.ink
Details	Domain	4		crilts.cfd
Details	File	4		docs.js
Details	File	2		c:\users\public\libraries\docs.js
Details	File	50		alg.exe
Details	md5	5		aaeb059d62c448cbea4cf96f1bbf9efa
Details	md5	4		59a924bb5cb286420edebf8d30ee424b
Details	md5	4		0f27c6e760c2a530ee59d955c566f6da
Details	md5	4		bfe2a0504f7fb1326128763644c88d37
Details	Url	4		https://ppangz.mom/mjifi
Details	Url	7		https://atusay.lat/kxydo
Details	Url	4		https://labimy.ink/rskme
Details	Url	4		https://crilts.cfd/cdeeb