hwp malware : "국제안보군사정세"내용으로 위장한 한글 악성코드
Tags
attack-pattern: | Malware - T1587.001 Malware - T1588.001 |
Common Information
Type | Value |
---|---|
UUID | f4068dbd-9a87-49fe-b36c-161943478c83 |
Fingerprint | da3b9ef60b384e1b |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Feb. 7, 2019, 2:22 a.m. |
Added to db | Oct. 22, 2023, 10:41 p.m. |
Last updated | Dec. 16, 2024, 9:19 p.m. |
Headline | Beyond The Binary |
Title | hwp malware : "국제안보군사정세"내용으로 위장한 한글 악성코드 |
Detected Hints/Tags/Attributes | 5/1/15 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://sfkino.tistory.com/73 |
Details | Source | http://sfkino.tistory.com/73 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 235 | ✔ | Beyond The Binary | https://sfkino.tistory.com/rss | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | congre.co.kr |
|
Details | File | 1 | inexplorer.exe |
|
Details | File | 1 | himtrary.dll |
|
Details | File | 1 | himtray.dll |
|
Details | File | 1 | bin0008.ep |
|
Details | File | 57 | iexplorer.exe |
|
Details | File | 13 | down.php |
|
Details | md5 | 3 | 48d9e625ea3efbcbef3963c8714544a7 |
|
Details | md5 | 1 | 5cc715e6a91385c5c092ff79c73592aa |
|
Details | sha1 | 1 | ad6b7c7b61d662ab653c25fe850e2406f283c919 |
|
Details | sha1 | 1 | 64c9e04e9dd12796e76436364967ba85f2527a33 |
|
Details | sha256 | 1 | cd6a12cc693e98e4f47d2161e9fe99d04895472d964575c749bbdd460f0fefdc |
|
Details | sha256 | 1 | a9c028a68deb18d900701a92bfd432acfee275c8b66cd196402c41ab0621fe39 |
|
Details | Url | 1 | https://www.virustotal.com/gui/search/cd6a12cc693e98e4f47d2161e9fe99d04895472d964575c749bbdd460f0fefdc |
|
Details | Url | 1 | http://congre.co.kr/_ext/adodb5/perf/com1/download1/down.php |