疑似Kimsuky APT组织利用韩国外交部为诱饵的攻击活动分析
2021-05-06 • Qianxin • Analysis of attack activities suspected to be carried out by the Kimsuky APT organization using the Ministry of Foreign Affairs of South Korea as bait •
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| HASH | 199674e87f437bdbd68884b155346d25 | 2021-05-06 | 2021-09-01 |
| HASH | 14b95dc99e797c6c717bf68440eae720 | 2021-05-06 | 2021-05-06 |
| HASH | 10b9702f8096afa8c928de6507f7ecfe | 2021-05-06 | 2021-05-06 |
| HASH | 3a4ab11b25961becece1c358029ba611 | 2021-05-06 | 2021-05-06 |
| HASH | 80a2bb7884b8bad4a8e83c2cb03ee343 | 2021-05-06 | 2021-05-06 |
| URL | http://pootbal.med/ianewsonline… | 2021-05-06 | 2021-05-06 |
| DOMAIN | pootbal.med | 2021-05-06 | 2021-05-06 |
Related Actors
Related Reports
Shares tag: Kimsuky • Shares 3 IOCs • Published within a week
Shares tag: Kimsuky • Same author: Qianxin
2021-06-03 •
80% Match
#Kimsuky
#AppleSeed
#T1406
#T1426
#T1430
#T1071
#T1571
#T1573
#T1448
#T1447
#T1412
Shares tag: Kimsuky • Published within a month
2021-06-01 •
80% Match
#Kimsuky
#AppleSeed
#T1082
#T1140
#T1005
#T1070.004
#T1587.001
#T1041
#T1113
#T1560
#T1071.001
#T1112
#T1083
#T1056.001
#T1059.007
#T1027
#T1566.001
#T1547.001
#T1585.002
#T1059.001
#T1585.001
#T1001
#T1598
#T1583
#T1218.010
#T1134
#T1025
Shares tag: Kimsuky • Published within a month
Shares tag: Kimsuky • Published within a month
Shares tag: Kimsuky • Published within a week