Malware Created by the North Korean Hacking Group Konni - 김명희_20240515.xlsx (Kim Myung-hee_20240515.xlsx) (2024.5.16)
2024-06-03 • Sakai
Konni, a North Korea-linked threat group associated in reporting with Thallium, APT37, and possibly Kimsuky, distributed a malicious Excel-themed LNK file in May 2024 whose file name references Kim Myeong-hui. The report links Konni RAT activity to phishing delivery, information collection, screenshot capture, file theft, and remote interactive shell access, and provides hashes for the analyzed sample.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| HASH | 0993cf18121be84f5b1511318df80f44 | 2024-06-03 | 2024-09-05 |
| HASH | 05b26db4fca3c8a735517b3979962aa… | 2024-06-03 | 2024-06-03 |
| DOMAIN | tring.fr | 2024-06-03 | 2024-06-03 |
Related Reports
2024-07-25 • Sakai • Malware by the North Korean Hacking Group Konni Disguised as a Request to Update Information from Cryptocurrency Exchange Bithumb - 금융당국 요청에 따른 프로젝트 정보 확인 요청의 건.zip (2024.7.23) • Shares tags: Konni, LNK • Same author: Sakai