ioc[.]one - OSINT Cyber Threat Intelligence Database

From The DPRK With Love

Tags

attack-pattern:

Electron Applications - T1218.015 Javascript - T1059.007 Launch Agent - T1543.001 Malware - T1587.001 Malware - T1588.001 Private Keys - T1552.004 Server - T1583.004 Server - T1584.004 Software - T1592.002 Launch Agent - T1159 Private Keys - T1145

Show in Graph

Common Information

Type	Value
UUID	ca91d746-54b3-4e3e-bd77-35336207d878
Fingerprint	a5081d990db71e9b
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 9, 2022, midnight
Added to db	Aug. 31, 2024, 1:02 a.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	UNKNOWN
Title	From The DPRK With Love
Detected Hints/Tags/Attributes	76/1/37

Source URLs

	Redirection	Url
Details	Source	http://objective-see.org/blog/blog_0x6E.html
Details	Source	https://objective-see.org/blog/blog_0x6E.html
Details	Redirection	https://objective-see.com/blog/blog_0x6E.html

URL Provider

Details	Provider	Source level domain
Details	objective-see.com	objective-see.com
Details	objective-see.org	objective-see.org

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	186	✔	Objective-See's Blog	https://objective-see.org/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	3	tokenais.app.zip
Details	Domain	1	esilet.app
Details	Domain	2	renderer.prod
Details	Domain	3	www.esilet.com
Details	Domain	111	www.apple.com
Details	Domain	1	applex.services
Details	Domain	5	sche-eg.org
Details	Domain	5	www.vinoymas.ch
Details	Domain	5	infodigitalnew.com
Details	Domain	21	filemonitor.app
Details	Domain	2	com.applex.services
Details	File	5	0.dmg
Details	File	17	app.zip
Details	File	1	cryptais.dmg
Details	File	4	esilet.dmg
Details	File	3	darwin64.bin
Details	File	22	update.js
Details	File	2	prod.js
Details	File	174	index.js
Details	File	364	console.log
Details	File	17	agent.pl
Details	File	7	top.php
Details	sha1	4	0000000000000000000000000000000000000000
Details	sha256	3	60b3cfe2ec3100caf4afde734cfd5147f78acf58ab17d4480196831db4aa5f18
Details	sha256	3	5b40b73934c1583144f41d8463e227529fa7157e26e6012babd062e3fd7e0b03
Details	sha256	3	f0e8c29e3349d030a97f4a8673387c2e21858cccd1fb9ebbf9009b27743b2e5b
Details	sha256	4	9ba02f8a985ec1a99ab7b78fa678f26c0273d91ae7cbe45b814e6775ec477598
Details	sha256	3	9d9dda39af17a37d92b429b68f4a8fc0a76e93ff1bd03f06258c51b73eb40efa
Details	sha256	5	dced1acbbe11db2b9e7ae44a617f3c12d6613a8188f6a1ece0451e4cd4205156
Details	sha256	3	89b5e248c222ebf2cb3b525d3650259e01cf7d8fff5e4aa15ccd7512b1e63957
Details	IPv4	3	46.16.62.238
Details	Threat Actor Identifier - APT	144	APT38
Details	Url	2	https://www.esilet.com/update
Details	Url	73	http://www.apple.com/dtds/propertylist-1.0.dtd
Details	Url	4	https://sche-eg.org/plugins/top.php
Details	Url	4	https://www.vinoymas.ch/wp-content/plugins/top.php
Details	Url	4	https://infodigitalnew.com/wp-content/plugins/top.php