Distribution of Malicious LNK File Disguised as Producing Corporate Promotional Materials - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID d7c8b50c-a2cf-42a8-acc6-9a65f804ad2e
Fingerprint 8467b86b0df7cb0d
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 20, 2023, 4:55 p.m.
Added to db Nov. 20, 2023, 9:25 a.m.
Last updated Nov. 12, 2024, 3:53 p.m.
Headline Distribution of Malicious LNK File Disguised as Producing Corporate Promotional Materials
Title Distribution of Malicious LNK File Disguised as Producing Corporate Promotional Materials - ASEC BLOG
Detected Hints/Tags/Attributes 31/2/42
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/en/59057/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 17 ASEC https://asec.ahnlab.com/en/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
production.zip
Details Domain 2 
file.lgclouds001.com
Details Domain 2 
file.ssdrive001.com
Details Domain 2 
qdlgna.cab
Details Domain 2 
accwebcloud.com
Details File 1 
production.zip
Details File 2 
제작.zip
Details File 1 
_form.docx
Details File 2 
%public%\qdlgna.cab
Details File 22 
start.vbs
Details File 2 
66022014.bat
Details File 2 
07915735.bat
Details File 2 
73505966.bat
Details File 64 
list.php
Details File 13 
%computername%.txt
Details File 9 
temprun.bat
Details File 67 
get.php
Details File 61 
1.bat
Details File 2 
05210957.bat
Details File 97 
upload.php
Details File 2 
88730413.bat
Details File 4 
form.docx
Details File 2 
98543203.bat
Details md5 2 
a95bd06ea44ca87c6ace0ad00fccdebb
Details md5 2 
df243512be8f0eafd7ba7ad77f05e8f3
Details md5 2 
a6e811d205a9189ea0f82ac33a307cec
Details md5 2 
79b0289faf6f82118f2e8cdfa3f6be53
Details md5 2 
f8ebdb67fa4e7ba5f2723f6de6c389c8
Details md5 2 
49caa5d4cbb8655ec8f349f0d4238344
Details md5 2 
feb594bbb8c0c853ab3c23049f374441
Details md5 2 
51dbeea3d0d003115365a01481c9115b
Details Url 1 
https://file.lgclouds001.com/read/?[이메일
Details Url 1 
https://file.lgclouds001.com/read/?[email
Details Url 1 
https://file.ssdrive001.com/read/?[이메일
Details Url 1 
https://file.ssdrive001.com/read/?[email
Details Url 2 
http://accwebcloud.com/list.php?f=%computername%.txt
Details Url 2 
http://accwebcloud.com/upload.php
Details Url 2 
https://file.ssdrive001.com/read
Details Url 2 
https://file.lgclouds001.com/read
Details Url 2 
https://file.lgclouds001.com/read/get.php
Details Url 2 
http://accwebcloud.com/list.php
Details Windows Registry Key 188 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run