Kimsuky malware disguised as a Republic of Korea National Assembly security document, "[Advisory] North Korea's New Suicide Drone" (2024.9.12)
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001
Common Information
Type Value
UUID fc71af9e-e888-4334-9004-134b1e915f02
Fingerprint 70b95f24d5fe39e5
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 22, 2024, 8:48 p.m.
Added to db Nov. 25, 2024, 9:41 a.m.
Last updated Dec. 19, 2024, 9:49 a.m.
Headline 꿈을꾸는 파랑새
Title Kimsuky malware disguised as a Republic of Korea National Assembly security document, "[Advisory] North Korea's New Suicide Drone" (2024.9.12)
Detected Hints/Tags/Attributes 26/2/21
Source URLs
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 478 꿈을꾸는 파랑새 https://wezard4u.tistory.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3
kimsuky.az
Details File 2287
cmd.exe
Details File 2
c:\users\public\music\default1.xml
Details File 2
c:\users\public\music\default2.xml
Details File 2
c:\users\public\pictures\default1.vbs
Details File 2
default1.xml
Details File 2
default2.xml
Details File 3
agent.xml
Details File 4
trojan-downloader.xml
Details File 2
default1.vbs
Details File 2
default2.vbs
Details File 8
css.php
Details md5 3
391fa4e57f91e3422ef5d32523d4dfc7
Details sha1 2
f535a3faed62e48d588e190f372785ae9efcadb4
Details sha256 2
57e9b7d1c18684a4e8b3688c454e832833e063019ed808fd69186c4e20df930a
Details Microsoft Patch Numbers 16
KB5046740
Details Microsoft Patch Numbers 16
KB5046613
Details Microsoft Patch Numbers 16
KB5046617
Details Microsoft Patch Numbers 15
KB5046633
Details Url 2
https://petssecondchance(.)larcity.dev/modules/mod_custom/tmpl/andy/css
Details Url 2
https://petssecondchance(.)larcity(.)dev/modules/mod_custom/tmpl/andy/css.php?na=sam2