Distribution of Malware Disguised as '2021 Ministry of National Defense Work Report Revised' - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001 Regsvr32 - T1218.010 Regsvr32 - T1117
Show in Graph
Common Information
Type Value
UUID b82f446f-1cfb-4310-9253-24f5e41a3ea0
Fingerprint 822499efbcfb46e2
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 18, 2021, 9:14 a.m.
Added to db Sept. 11, 2022, 4:59 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Distribution of Malware Disguised as ‘2021 Ministry of National Defense Work Report Revised’
Title Distribution of Malware Disguised as '2021 Ministry of National Defense Work Report Revised' - ASEC BLOG
Detected Hints/Tags/Attributes 13/2/11
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/en/20175/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
Attributes
Details Type #Events CTI Value
Details Domain 3 
exchange.amikbvx.cf
Details Domain 3 
imap.pamik.cf
Details File 2 
revised.pdf
Details File 1 
c:\programdata\intel\driver\driver.cfg
Details File 459 
regsvr32.exe
Details File 27 
agent.c4
Details File 3 
imap.pam
Details md5 3 
7e041b101e1e574fb81f3f0cdf1c72b8
Details md5 3 
447163d776b62bf0b1c652c996cc0586
Details Url 1 
http://exchange.amikbvx.cf
Details Url 3 
http://imap.pamik.cf