포스트스크립트를 이용한 HWP 한글 문서 악성코드 주의 - ASEC BLOG
Tags
| attack-pattern: | Data Regsvr32 - T1218.010 Regsvr32 - T1117 |
Common Information
| Type | Value |
|---|---|
| UUID | c75d2006-b75f-42a1-bf8e-0e140fea0600 |
| Fingerprint | 7487abd6ef95a4e9 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 28, 2020, midnight |
| Added to db | Jan. 30, 2023, 4:36 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | 포스트스크립트를 이용한 HWP 한글 문서 악성코드 주의 |
| Title | 포스트스크립트를 이용한 HWP 한글 문서 악성코드 주의 - ASEC BLOG |
| Detected Hints/Tags/Attributes | 6/1/13 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/1315 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 22 | cve-2017-8291 |
|
| Details | Domain | 1 | teslacontrols.ir |
|
| Details | File | 2 | detail31.jpg |
|
| Details | File | 1 | skype.jpg |
|
| Details | File | 459 | regsvr32.exe |
|
| Details | File | 2 | detail32.jpg |
|
| Details | File | 11 | photo.jpg |
|
| Details | File | 14 | category.php |
|
| Details | File | 1122 | svchost.exe |
|
| Details | md5 | 1 | cbedf01fa62a94219e70dae13d3dc984 |
|
| Details | Url | 1 | http://teslacontrols.ir/wp-includes/images/detail31.jpg |
|
| Details | Url | 1 | http://teslacontrols.ir/wp-includes/images/detail32.jpg |
|
| Details | Url | 1 | https://matteoragazzini.it/wp-content/uploads/2017/06/category.php?uid=1&udx=cbedf01fa62a94219e70dae13d3dc984 |