Case of an APT37 Attack Impersonating a North Korean Human Rights Organization

2023-05-23 Genians Case of APT37 attack impersonating a North Korean human rights organization

https://www.genians.co.kr/hubfs/blogfile/threat_intelligence_report_apt37.pdf

Attachments

threat_intelligence_report_apt37.pdf (2 MB)


Genians analyzed an APT37 campaign that impersonated a North Korean human-rights organization to target South Korean individuals and organizations. The report maps the attack scenario from spear-phishing through LNK-based delivery, follow-on payload execution, and attacker infrastructure. It frames the case as a threat-hunting study of APT37 tactics, techniques, and procedures, with indicators and defensive guidance for detecting similar North Korea-linked social-engineering operations.

Indicators of Compromise

