MAR-10265965-3.v1 – North Korean Trojan: CROWDEDFLOUNDER | CISA
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | b22835b0-8155-4e8b-8125-4d896475c941 |
| Fingerprint | c61b8ddb6d72afcb |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 14, 2020, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Dec. 21, 2024, 3:26 a.m. |
| Headline | Malware Analysis Report (AR20-045C) |
| Title | MAR-10265965-3.v1 – North Korean Trojan: CROWDEDFLOUNDER | CISA |
| Detected Hints/Tags/Attributes | 48/2/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.us-cert.gov/ncas/analysis-reports/ar20-045c |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 154 | www.us-cert.gov |
|
| Details | Domain | 26 | us-cert.gov |
|
| Details | Domain | 18 | dhs.sgov.gov |
|
| Details | Domain | 18 | dhs.ic.gov |
|
| Details | Domain | 84 | malware.us-cert.gov |
|
| Details | Domain | 84 | ftp.malware.us-cert.gov |
|
| Details | 17 | ncciccustomerservice@us-cert.gov |
||
| Details | 18 | us-cert@dhs.sgov.gov |
||
| Details | 18 | us-cert@dhs.ic.gov |
||
| Details | 16 | soc@us-cert.gov |
||
| Details | 84 | submit@malware.us-cert.gov |
||
| Details | sha256 | 2 | a2a77cefd2faa17e18843d74a8ad155a061a13da9bd548ded6437ef855c14442 |
|
| Details | Url | 42 | http://www.us-cert.gov/tlp. |
|
| Details | Url | 21 | https://www.us-cert.gov/hiddencobra. |
|
| Details | Url | 17 | https://us-cert.gov/forms/feedback |
|
| Details | Url | 84 | https://malware.us-cert.gov |