악성 OLE 개체가 삽입된 한글 문서 주의 - ASEC BLOG
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | e915f90c-074c-42fa-bebe-fcea912dbef2 |
| Fingerprint | 7dce064c227d5733 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 27, 2023, 9 a.m. |
| Added to db | Oct. 27, 2023, 2:46 a.m. |
| Last updated | Nov. 18, 2024, 1:38 a.m. |
| Headline | 악성 OLE 개체가 삽입된 한글 문서 주의 |
| Title | 악성 OLE 개체가 삽입된 한글 문서 주의 - ASEC BLOG |
| Detected Hints/Tags/Attributes | 17/2/39 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/ko/58043/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 18 | ✔ | ASEC | https://asec.ahnlab.com/ko/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | host.sharingdocument.one |
|
| Details | Domain | 4 | mail.smartprivacyc.com |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | Domain | 5 | plm.myartsonline.com |
|
| Details | File | 4 | zz.bat |
|
| Details | File | 5 | oz.txt |
|
| Details | File | 5 | pq.txt |
|
| Details | File | 4 | down.txt |
|
| Details | File | 65 | info.txt |
|
| Details | File | 7 | upload.txt |
|
| Details | File | 4 | thumbs.log |
|
| Details | File | 1209 | powershell.exe |
|
| Details | md5 | 3 | 2f0a67b719d8303c0ec7cc9057ed8411 |
|
| Details | md5 | 3 | af5bbab33f934dc016fc1aa0d910820e |
|
| Details | md5 | 3 | 7f3a30525b9324a2aeb32a9018df944f |
|
| Details | md5 | 3 | 361237b6b385874f02f3724ae50d1522 |
|
| Details | md5 | 3 | a242741873637fdac8f69f2ffdba47bc |
|
| Details | md5 | 3 | 7284a6376aa79a2384f797769b7ce086 |
|
| Details | md5 | 3 | 2ef182bced72da507d2e403ab9db3c9f |
|
| Details | md5 | 3 | f416b44332b4fb394b4735634cb07ff2 |
|
| Details | md5 | 3 | c16796909d5feea709d99e306f7e9975 |
|
| Details | md5 | 3 | 0217e70fd7bc3a65ee0f2dd60ff85fbf |
|
| Details | md5 | 3 | d5d395d90ccf9a7309f2f64169a2c019 |
|
| Details | md5 | 3 | 8cafe74f03605a9bfaea5081b3ed0fc2 |
|
| Details | md5 | 3 | 4934226f319d82ae092ada2525a7feb5 |
|
| Details | md5 | 3 | 1061425d7e3d054a79f9294a2118b5da |
|
| Details | md5 | 3 | 2773acee87413790e9ace99c536c78ad |
|
| Details | md5 | 3 | 77edb140b86596eabe3602bb7febb997 |
|
| Details | Url | 1 | http://host.sharingdocument.one/dashboard/explore/starred?hwpview=[특정 |
|
| Details | Url | 1 | http://mail.smartprivacyc.com/get/account/view?myact=[특정 |
|
| Details | Url | 4 | https://raw.githubusercontent.com/babaramam/repo/main/pq.txt |
|
| Details | Url | 1 | https://raw.githubusercontent.com/babaramam/repo/main/info.txt에 |
|
| Details | Url | 3 | https://raw.githubusercontent.com/babaramam/repo/main/upload.txt |
|
| Details | Url | 1 | https://raw.githubusercontent.com/babaramam/repo/main/down.txt에 |
|
| Details | Url | 3 | https://raw.githubusercontent.com/babaramam/repo/main/down.txt |
|
| Details | Url | 1 | https://raw.githubusercontent.com/babaramam/repo/main/pq.txt에 |
|
| Details | Url | 2 | https://raw.githubusercontent.com/babaramam/repo/main/pq.txt‘)};$b=$a.replace |
|
| Details | Url | 3 | http://host.sharingdocument.one/dashboard/explore/starred?hwpview= |
|
| Details | Url | 3 | http://mail.smartprivacyc.com/get/account/view?myact= |