North Korea is the Threat
Common Information
Type Value
UUID b3379de5-122d-4310-ac3a-f6192eb0aca1
Fingerprint 72218998727beea
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 30, 2022, midnight
Added to db Jan. 16, 2023, 3:55 p.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline North Korea is the Threat
Title North Korea is the Threat
Detected Hints/Tags/Attributes 161/4/146
Attributes
Details Type #Events CTI Value
Details IPv4 1441
127.0.0.1
Details IPv4 2
193.56.29.123
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 11
DEV-0530
Details Threat Actor Identifier - APT 144
APT38
Details Url 1
http://djvu.sh
Details Url 2
http://matmq3z3hiovia3voe2tix2x54sghc3tszj74xgdy4tqtypoycszqzqd.onion
Details Url 3
https://blog.talosintelligence.com/2017/05/konni-malware-under-radar-for-years.html
Details Url 1
https://www.malwarebytes.com/blog/threat-intelligence/2022/01/konni-evolves-into-stealthier-rat
Details CVE 10
cve-2022-26352
Details CVE 21
cve-2022-1096
Details File 2
holylock.exe
Details File 2
btlc_c.exe
Details File 2
holyrs.exe
Details File 2
bltc.exe
Details File 456
mshta.exe
Details File 1
onedriver.ep
Details File 2
btlc.exe
Details File 3
konni-malware-under-radar-for-years.html