Kimsuky 그룹에서 사용하는 VNC 악성코드 (TinyNuke, TightVNC) - ASEC BLOG
Tags
| attack-pattern: | Vnc - T1021.005 Connection Proxy - T1090 Graphical User Interface - T1061 Graphical User Interface |
Common Information
| Type | Value |
|---|---|
| UUID | dc5801ad-b799-4d41-9a73-4f03c24fdf44 |
| Fingerprint | bd781395eeb9dedd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 27, 2021, 9:25 a.m. |
| Added to db | Jan. 30, 2023, 4:33 p.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | Kimsuky 그룹에서 사용하는 VNC 악성코드 (TinyNuke, TightVNC) |
| Title | Kimsuky 그룹에서 사용하는 VNC 악성코드 (TinyNuke, TightVNC) - ASEC BLOG |
| Detected Hints/Tags/Attributes | 16/1/32 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/ko/27166/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 8 | tvnserver.exe |
|
| Details | File | 7 | tvnviewer.exe |
|
| Details | md5 | 4 | 00ced88950283d32300eb32a5018dada |
|
| Details | md5 | 4 | 535827d41b144614e582167813fbbc4c |
|
| Details | md5 | 4 | 67aa7ddecc758dddfa8afc9d4c208af1 |
|
| Details | md5 | 4 | 93efab6654a67af99bbc7f0e8fcf970f |
|
| Details | md5 | 4 | f7839eeb778ff17cf3c3518089f9bbec |
|
| Details | md5 | 4 | dd90cb5dcd7bd748baa54da870df606c |
|
| Details | md5 | 4 | 5bd6cb6747f782c0a712b8e1b1f0c735 |
|
| Details | md5 | 4 | 16c0e70e63fcb6e60d6595eacbd8eeba |
|
| Details | md5 | 4 | 26eaff22da15256f210762a817e6dec9 |
|
| Details | md5 | 4 | 088cb0d0628a82e896857de9013075f3 |
|
| Details | md5 | 4 | 9a71e7e57213290a372dd5277106b65a |
|
| Details | md5 | 4 | db4ff347151c7aa1400a6b239f336375 |
|
| Details | md5 | 4 | 4301a75d1fcd9752bd3006e6520f7e73 |
|
| Details | md5 | 4 | a07ddce072d7df55abdc3d05ad05fde1 |
|
| Details | md5 | 4 | 5b6da21f7feb7e44d1f06fbd957fd4e7 |
|
| Details | md5 | 4 | be14ced87e2203ad5896754273511a14 |
|
| Details | md5 | 4 | 4fdba5a94e52191ce9152a0fe1a16099 |
|
| Details | md5 | 4 | bb761c2ac19a15db657005e7bc01b822 |
|
| Details | IPv4 | 4 | 27.102.102.70 |
|
| Details | IPv4 | 4 | 27.102.112.58 |
|
| Details | IPv4 | 6 | 31.172.80.104 |
|
| Details | IPv4 | 4 | 27.255.81.109 |
|
| Details | IPv4 | 4 | 27.255.81.71 |
|
| Details | IPv4 | 6 | 79.133.41.237 |
|
| Details | IPv4 | 4 | 27.102.114.79 |
|
| Details | IPv4 | 7 | 27.102.127.240 |
|
| Details | IPv4 | 4 | 27.102.114.89 |
|
| Details | IPv4 | 4 | 27.102.128.169 |
|
| Details | IPv4 | 4 | 61.14.211.175 |