Malware Disguised as a Job Application Being Distributed - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Software - T1592.002
Common Information
Type Value
UUID fa7b38e4-c752-4982-8ac3-185777be14b5
Fingerprint 3a202ce4c0345731
Analysis status DONE
Considered CTI value 2
Text language
Published June 1, 2023, 12:50 p.m.
Added to db June 5, 2023, 10:10 a.m.
Last updated Nov. 12, 2024, 11:50 a.m.
Headline Malware Disguised as a Job Application Being Distributed
Title Malware Disguised as a Job Application Being Distributed - ASEC BLOG
Detected Hints/Tags/Attributes 9/2/25
Source URLs
RSS Feed
Attributes
Type #Events CTI Value
Domain 3 manage.albamon.info
Domain 3 manage.albamon.live
Domain 3 ggt-send-6187.orange-app.vip
File 5 v3lite.exe
File 4 wechatweb.exe
File 2 cmcs21.dll
File 2 yga.txt
File 41 avastsvc.exe
File 2 ncleanservice.exe
File 7 360rps.exe
File 36 zhudongfangyu.exe
File 2 naver-nst.exe
File 5 kavsvc.exe
File 45 mcshield.exe
File 2 rising.exe
md5 2 15a0e9cd449bce9e37bb1f8693b3c4e0
md5 2 498eda85200257a813dc6731d3324eb6
md5 2 0ddcb876007aee40f0c819ae2381d1b1
md5 2 ccf3fcd6323bcdd09630e69d6ee74197
Url 1 https://manage.albamon.info/download/20230201good001/�<생략>_입사지원서.hwp.scr
Url 1 https://manage.albamon.live/23_05_15_05/�%<생략>_입사지원서.hwp.scr
Url 1 https://manage.albamon.live/23_05_22_fighting_ok/�<생략>_입사지원서.hwp.scr
Url 2 http://ggt-send-6187.orange-app.vip:6187
Url 2 https://manage.albamon.info
Windows Registry Key 2 HKCU\Software\Microsoft\Windows\CurrentVersion\Run\specialyouttg0a