Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
Tags
| country: | North Korea South Korea Russia United States Of America |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Vulnerabilities - T1588.006 Hypervisor - T1062 |
Common Information
| Type | Value |
|---|---|
| UUID | fbaed303-c7f1-4dad-a499-38bf68cf17eb |
| Fingerprint | 26380da1af4149cc |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 24, 2023, 8:47 a.m. |
| Added to db | May 30, 2023, 8:35 p.m. |
| Last updated | Oct. 14, 2024, 2:07 p.m. |
| Headline | Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs |
| Title | Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs |
| Detected Hints/Tags/Attributes | 51/3/8 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 365 | ✔ | — | https://www.rewterz.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 22 | cve-2023-30440 |
|
| Details | CVE | 51 | cve-2023-33246 |
|
| Details | Domain | 4 | gg1593.c1.biz |
|
| Details | File | 8 | dn.php |
|
| Details | md5 | 1 | 3a3ce0a1794b548682167da692052dc2 |
|
| Details | sha1 | 1 | 9f94236a481b957890cc7f7a85dc90533ba8d70b |
|
| Details | sha256 | 1 | b97e12807dcde2a8fd53d7f8e74336442d0cf8dbed19c0a44fcef359160bdd77 |
|
| Details | Url | 1 | http://gg1593.c1.biz/dn.php?name=[machinename]&prefix=tt&tp=[osversion] |