Malware Created by Konni Disguised as a Tax Evasion Tip-Off - Attachment 1_List of Explanatory Materials (Tax Evasion Tip-Off) (2024.4.5)

Original Korean title: 탈세제보로 위장한 Konni(코니) 에서 만든 악성코드-첨부1_소명자료 목록(탈세제보)(2024.4.5)

2024-05-06 Sakai

https://wezard4u.tistory.com/6806


The report analyzes a Konni-linked LNK malware sample disguised as an HWP attachment of tax-evasion evidence. When opened, the shortcut launches PowerShell and uses obfuscated script content. The sample is associated with the SHA-256 hash 2189aa5be8a01bc29a314c3c3803c2b8131f49a84527c6b0a710b50df661575e. The report is useful for defenders tracking North Korea-linked phishing and document-lure intrusion activity.

Indicators of Compromise

Type    Value                               First Seen   Last Seen
HASH    65f5f7d127c478522e9669200de2000…    2024-05-06   2024-10-30
HASH    2189aa5be8a01bc29a314c3c3803c2b…    2024-05-06   2024-10-30
HASH    9d6c79c0b395cceb83662aa3f7ed0123    2024-05-06   2024-10-30
URL     https://jethropc.com/wp-admin/c…    2024-05-06   2024-08-22
URL     https://jethropc.com/wp-admin/c…    2024-05-06   2024-05-06
EMAIL   [email protected]                   2024-04-22   2024-05-06
DOMAIN  mail9602-udlv.com                   2024-04-22   2024-05-06
