Infostealer Malware with Abnormal Certificates Being Distributed - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Seo Poisoning - T1608.006
Common Information
Type Value
UUID dcf4b6fd-019b-49e8-b810-ea73f27a21e6
Fingerprint de5a5a34ef05cb5f
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 26, 2023, 4:39 p.m.
Added to db Oct. 22, 2023, 9:15 p.m.
Last updated Oct. 18, 2024, 4:58 p.m.
Headline Infostealer Malware with Abnormal Certificates Being Distributed
Title Infostealer Malware with Abnormal Certificates Being Distributed - ASEC BLOG
Detected Hints/Tags/Attributes 12/2/114
Source URLs
RSS Feed
Attributes
Details Type #Events CTI Value