Malware distributed through Lumma Stealer using a fake CAPTCHA (2025.1.4)
Tags
attack-pattern: | Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Ssh - T1021.004 Mshta - T1170 Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | bc6014be-1a6b-4507-8037-d7159dc5f722 |
Fingerprint | c0db45b2df1b2fe3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 10, 2025, midnight |
Added to db | Jan. 9, 2025, 4:16 p.m. |
Last updated | Jan. 17, 2025, 4:02 p.m. |
Headline | 꿈을꾸는 파랑새 |
Title | Malware distributed through Lumma Stealer using a fake CAPTCHA (2025.1.4) |
Detected Hints/Tags/Attributes | 16/1/11 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | http://wezard4u.tistory.com/429377 |
Details | Source | https://wezard4u.tistory.com/429377 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 14 | | cve-2024-53375 |
Details | Domain | 14 | | event.data |
Details | Domain | 1 | | verelement.style |
Details | File | 30 | | event.dat |
Details | File | 567 | | mshta.exe |
Details | File | 13 | | 악성코드-11.js |
Details | File | 12 | | 악성코드-log_processlist.ps1 |
Details | md5 | 1 | | 55cc925d87797284145dbc82486769d0 |
Details | sha1 | 1 | | fa843b0c5b3409e1f77ee10a2ec573d1fbd3d2e5 |
Details | sha256 | 1 | | d41a963135b51adcdd95f5f00a92cebe99b3506a58a9e3947028a73f8f915690 |
Details | Microsoft Patch Numbers | 30 | | KB5048685 |