라자루스(Lazarus) APT 그룹, 암호화폐 투자계약서 사칭 무비 코인 작전
Tags
| attack-pattern: | Web Shell - T1505.003 Web Shell - T1100 |
Common Information
| Type | Value |
|---|---|
| UUID | ed4a1bea-d54c-45dc-bd21-2e5eac7873da |
| Fingerprint | affe5aea096dd77c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 20, 2019, 11:49 p.m. |
| Added to db | Jan. 30, 2023, 4:35 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | |
| Title | 라자루스(Lazarus) APT 그룹, 암호화폐 투자계약서 사칭 무비 코인 작전 |
| Detected Hints/Tags/Attributes | 17/1/26 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.alyac.co.kr/2377 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1 | movie64.dll |
|
| Details | File | 1206 | index.php |
|
| Details | File | 5 | left.php |
|
| Details | Url | 4 | https://gozdeelektronik.net/wp-content/themes/0111/movie.png |
|
| Details | Url | 4 | https://gozdeelektronik.net/wp-content/themes/0111/movie.jpg |
|
| Details | Url | 1 | https://rxrenew.us/wp-content/themes/hestias/index.php |
|
| Details | Url | 1 | https://creativefishstudio.com/newbiesspeak/left.php |
|
| Details | Url | 1 | https://sensationalsecrets.com/js/left.php |
|
| Details | Domain | 10 | bin0001.ps |
|
| Details | Domain | 4 | gozdeelektronik.net |
|
| Details | Domain | 1 | rxrenew.us |
|
| Details | Domain | 1 | creativefishstudio.com |
|
| Details | Domain | 1 | sensationalsecrets.com |
|
| Details | Domain | 69 | trojan.android |
|
| Details | File | 9 | 'bin0001.ps |
|
| Details | File | 4 | movie.png |
|
| Details | File | 4 | movie.jpg |
|
| Details | File | 1 | 'movie.png |
|
| Details | File | 1 | 'movie.jpg |
|
| Details | File | 2 | 'movie32.dll |
|
| Details | File | 2 | 'movie64.dll |
|
| Details | File | 3 | battle32.avi |
|
| Details | File | 2 | star3.avi |
|
| Details | File | 1 | movie32.dll |
|
| Details | File | 3 | battle64.avi |
|
| Details | File | 2 | star6.avi |