{ "type": "bundle", "id": "bundle--675b249f-541c-4842-bf1b-4ba1c233d7c0", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--2b81ac94-301c-4ad2-9570-be4d616d870c", "created": "2023-03-08T12:51:45.55441Z", "modified": "2024-10-04T00:29:05.547086Z", "name": "Securonix", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--48c8381f-2eaf-4d3a-8983-a82f2008e74e", "hashes": { "SHA-256": "89cad9a57985cc0ab3b7403a943ad0aa7b167dc7a3c38557417fedea67a77b87" } }, { "type": "file", "spec_version": "2.1", "id": "file--75cbe60c-138c-49a1-bb76-f37141b56eb7", "hashes": { "SHA-256": "60666cacdd6806ed05771f32eaa719e3efd2f4db55f28a447d383c3eac1dc72e" } }, { "type": "file", "spec_version": "2.1", "id": "file--64c595c1-70d7-4bcc-9164-6bfed4f1f710", "hashes": { "SHA-256": "b72caab78d164637fea0937d7a94fc470579ec6bb4fa87dadb6f0fa7826e217c" } }, { "type": "file", "spec_version": "2.1", "id": "file--ca140f42-9158-4ec2-b16d-8376d4e4e354", "hashes": { "SHA-256": "f262588c48d2902992ffd275d2be6362fe7f02e2f00a44ab8c75ac1a2827c6e9" } }, { "type": "file", "spec_version": "2.1", "id": "file--8d9c6ccb-5633-4a00-af62-605e75c25348", "hashes": { "SHA-256": "69c917ea96db28dbd5b67073ca0aac234d25651a849171b45f20979eafa05a1c" } }, { "type": "file", "spec_version": "2.1", "id": "file--504b5364-ae03-4861-bb6d-0cfda5e0f885", "hashes": { "SHA-256": "1b75f70c226c9ada8e79c3fdd987277b0199928800c51e5a1e55ff01246701db" } }, { "type": "file", "spec_version": "2.1", "id": "file--93504d45-8b8a-4e3a-8ead-21a7f3723293", "hashes": { "SHA-256": "1617587ccdf5b0344089559ecf8fe7d39f6e07a6a64f74f2b44bfa2c8cb67983" } }, { "type": "file", "spec_version": "2.1", "id": "file--43ca9011-bff5-4f6d-a7bc-4e473cb04524", "hashes": { "SHA-256": "46a5d54c264152ce915792af31c75824a558af7d7340d78b34e146d8c6249e79" } }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--ea1e55cf-394a-4706-8c14-a9f5e4d960c8", "value": "regard.co.kr" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--f9bffbc0-4808-4f64-a00f-98b3249f3c2a", "value": "gbionet.com" }, { "type": "url", "spec_version": "2.1", "id": "url--56440a04-2ee7-4897-a5e6-8403d6ab1d4b", "value": "https://content.dropboxapi.com/2/files/download/step2/r_enc.bin" }, { "type": "url", "spec_version": "2.1", "id": "url--7785349e-71be-4109-a098-751001245e16", "value": "https://content.dropboxapi.com/2/files/download/step2/ad_ps.bin" }, { "type": "url", "spec_version": "2.1", "id": "url--d0a5fa50-2f65-4874-b179-da0417da801f", "value": "http://gbionet.com/inc/basl/up1/list.php?query=6" }, { "type": "url", "spec_version": "2.1", "id": "url--562b0be8-c20f-47d3-9bc7-97303f32b9c1", "value": "https://content.dropboxapi.com/2/files/download/step2/info_sc.txt" }, { "type": "url", "spec_version": "2.1", "id": "url--b9263f70-ccd9-4a52-8391-f18fc8dc1ff5", "value": "https://content.dropboxapi.com/2/files/download/step2/ps.bin" }, { "type": "url", "spec_version": "2.1", "id": "url--7296f1c6-c0b7-46ba-b2ad-665c474fc7fc", "value": "https://content.dropboxapi.com/2/files/download/step2/info_ps.bin" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1", "created": "2026-06-24T21:17:48.326958Z", "modified": "2026-06-24T21:17:48.326958Z", "name": "Kimsuky" }, { "type": "report", "spec_version": "2.1", "id": "report--58b0c290-0da7-4dbe-bc81-32d2de16bbf2", "created_by_ref": "identity--2b81ac94-301c-4ad2-9570-be4d616d870c", "created": "2026-06-24T21:17:48.360785Z", "modified": "2026-06-24T21:17:48.360785Z", "name": "Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware", "published": "2024-03-18T00:00:00Z", "object_refs": [ "identity--2b81ac94-301c-4ad2-9570-be4d616d870c", "file--48c8381f-2eaf-4d3a-8983-a82f2008e74e", "file--75cbe60c-138c-49a1-bb76-f37141b56eb7", "file--64c595c1-70d7-4bcc-9164-6bfed4f1f710", "file--ca140f42-9158-4ec2-b16d-8376d4e4e354", "file--8d9c6ccb-5633-4a00-af62-605e75c25348", "file--504b5364-ae03-4861-bb6d-0cfda5e0f885", "file--93504d45-8b8a-4e3a-8ead-21a7f3723293", "file--43ca9011-bff5-4f6d-a7bc-4e473cb04524", "domain-name--ea1e55cf-394a-4706-8c14-a9f5e4d960c8", "domain-name--f9bffbc0-4808-4f64-a00f-98b3249f3c2a", "url--56440a04-2ee7-4897-a5e6-8403d6ab1d4b", "url--7785349e-71be-4109-a098-751001245e16", "url--d0a5fa50-2f65-4874-b179-da0417da801f", "url--562b0be8-c20f-47d3-9bc7-97303f32b9c1", "url--b9263f70-ccd9-4a52-8391-f18fc8dc1ff5", "url--7296f1c6-c0b7-46ba-b2ad-665c474fc7fc", "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1" ], "external_references": [ { "source_name": "source", "url": "https://www.securonix.com/blog/securonix-threat-research-security-advisory-new-deepgosu-attack-campaign/" } ] } ] }