{ "type": "bundle", "id": "bundle--87fd49df-bb1b-4f4f-a9c1-0fc4daf78ab3", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "created": "2023-03-08T12:51:44.544245Z", "modified": "2024-09-09T23:28:33.92829Z", "name": "PaloaltoNetworks", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--93855af1-d87a-439b-865c-86eae521f3d8", "hashes": { "SHA-256": "4b87b775cdb265ecd872a71be810d7816d0d8b54663b3c536862db098874f288" } }, { "type": "file", "spec_version": "2.1", "id": "file--5b3e1a4c-dc23-4575-ba3b-e0af44ec92d1", "hashes": { "SHA-256": "8a000aa43c17250dd02f842bc2ab37e47dd8d68da0d59753943df8b37004b701" } }, { "type": "file", "spec_version": "2.1", "id": "file--cf3b343e-62cd-4468-a073-e504ba55a64e", "hashes": { "SHA-256": "3c2ea04090ad8c28116c42a9a2be5b240f135ac184e5a2c121b4eb311a7bf075" } }, { "type": "file", "spec_version": "2.1", "id": "file--03f7da1e-ee9b-4c0b-bcce-0dc3ec2d3b5e", "hashes": { "SHA-256": "eb68ed54e543c18070e5cc93a27db4a508d79016c09e28a47260ca080110328f" } }, { "type": "file", "spec_version": "2.1", "id": "file--922f01d8-8e79-4b92-88a1-d5b8af1ce7b6", "hashes": { "SHA-256": "2ba3397cba28af1a929403910035b78bf946acbafe9e186ac329b55086fe7703" } }, { "type": "file", "spec_version": "2.1", "id": "file--2a51c485-af24-41f2-9c6c-3ec8bd39a3d2", "hashes": { "SHA-256": "9e4e45e8f12db94997767bd3899968b9bc147bf08c062d3caea7f0864a67ea2c" } }, { "type": "file", "spec_version": "2.1", "id": "file--59a9d300-3a14-4989-9c1a-aa035e4b1c46", "hashes": { "SHA-256": "5a18a29791cfb18767a43bebb61f923e64be7988235213678514007174f60b3e" } }, { "type": "file", "spec_version": "2.1", "id": "file--271119c4-45c1-434b-93b6-e3116eb54cb0", "hashes": { "SHA-256": "9c9136fc8a279ce395997dd42c075e265c6daec14b13bbe4237a4178769d270e" } }, { "type": "file", "spec_version": "2.1", "id": "file--80b1311d-3ee7-4be8-8223-81c3cbddac5a", "hashes": { "SHA-256": "945e4f78196ef3a5548996a8d09e4220b779a2e78d40a86d64f233f7908550e6" } }, { "type": "file", "spec_version": "2.1", "id": "file--b626d531-38c5-4f0b-8dd0-df97471b9fbf", "hashes": { "SHA-256": "bcdc99e0f17486aa5a5faa0b9e7d7ccbeaa5372626733433214bb722ba260234" } }, { "type": "file", "spec_version": "2.1", "id": "file--6320cf66-cdff-4f68-95ae-0ced6dca40c6", "hashes": { "SHA-256": "f4d9547269e0cd7a0df97e394f688e0eb00b31965abd5e6ad67d373a7dc58f3b" } }, { "type": "file", "spec_version": "2.1", "id": "file--1663afaf-c0e2-4db4-b94e-33d2945424f6", "hashes": { "SHA-256": "3b0a3bd5b790e5f130e7819550613b7e0194a3475f553285a1b7dc18ecca9d02" } }, { "type": "file", "spec_version": "2.1", "id": "file--260582c1-fa92-466e-9b8c-efb8f53cb0ab", "hashes": { "SHA-256": "97d1bd607b4dc00c356dd873cd4ac309e98f2bb17ae9a6791fc0a88bc056195a" } }, { "type": "file", "spec_version": "2.1", "id": "file--62adf700-f5df-4640-bcb8-b9f048cdc4fd", "hashes": { "SHA-256": "ab8862628584aa429fe7614d1c674bbdf324fa2668c4d3c94670cf6b6db597f6" } }, { "type": "file", "spec_version": "2.1", "id": "file--d9dd78e5-59ff-4f69-8e62-72538b72631b", "hashes": { "SHA-256": "5097553dff2a2da4f16b80a346fe543422b22d262e0c40e187b345afbcc7d41a" } }, { "type": "file", "spec_version": "2.1", "id": "file--2f84c612-ac90-44e3-b7f5-ac3777602b2a", "hashes": { "SHA-256": "b7dad38a099947612fcc42c50f4ba1708af969a3222b3345bdff35323a41974d" } }, { "type": "file", "spec_version": "2.1", "id": "file--bbab19df-8043-4cad-badf-155ff0a54583", "hashes": { "SHA-256": "4e45009f5b582ca404b197d28805e363a537856b55e39c5c806fcf05acd928ff" } }, { "type": "file", "spec_version": "2.1", "id": "file--e8cf7154-eda2-4563-8f94-0f7f788767b8", "hashes": { "SHA-256": "f73164bd4d2a475f79fb7d0806cfc3ddb510015f9161e7dce537d90956c11393" } }, { "type": "file", "spec_version": "2.1", "id": "file--23562614-d6d3-4b5d-b73b-f339c2b76fa4", "hashes": { "SHA-256": "c356cd9fea07353a0ee4dfd4652bf79111b70790e7ed63df6b31d7ec2f5953d5" } }, { "type": "file", "spec_version": "2.1", "id": "file--1bdb2ad2-ff81-4a02-b9b5-afd386a8702b", "hashes": { "SHA-256": "3c6476411d214d40d0cc43241f63e933f5a77991939de158df40d84d04b7aa78" } }, { "type": "file", "spec_version": "2.1", "id": "file--ed3e1e49-876b-405a-b20c-7abc8bb12cf0", "hashes": { "SHA-256": "8b0b62a31b348c5a2337ee69cfd3f68a427466539484f55f1cd2910237b59700" } }, { "type": "file", "spec_version": "2.1", "id": "file--1d9e468b-d7cb-46ef-9372-12c47b581c1e", "hashes": { "SHA-256": "ef0ce406fa722d30bfa094c660e81ed4a72ff8c75a629081293f4a86e0e587c2" } }, { "type": "file", "spec_version": "2.1", "id": "file--c0a85a2a-1b66-4dc4-a0de-826e49fa124b", "hashes": { "SHA-256": "bdb272189a7cdcf166fce130d58b794b242c582032f19369166b3d4cfdc0902c" } }, { "type": "file", "spec_version": "2.1", "id": "file--183ed93f-ac50-4099-ab59-16dd09997757", "hashes": { "SHA-256": "d92b858d691c84b4e3752fdd46b5673fbd6b5af101a7111c1d8756c90271b732" } }, { "type": "file", "spec_version": "2.1", "id": "file--550c87ba-5de0-4780-a9ce-7e3a021171a4", "hashes": { "SHA-256": "85be5cc01f0e0127a26dceba76571a94335d00d490e5391ccef72e115c3301b3" } }, { "type": "file", "spec_version": "2.1", "id": "file--51637e80-2c7d-4abb-a0f3-5c1df137c24b", "hashes": { "SHA-256": "7a37e2d6dc941386d1f300bac48056030f37c950bcd441d83eca708d2beab939" } }, { "type": "file", "spec_version": "2.1", "id": "file--246cc2b7-6e89-4b9a-b1f3-02e3d5acc10d", "hashes": { "SHA-256": "02783530bbd8416ebc82ab1eb5bbe81d5d87731d24c6ff6a8e12139a5fe33cee" } }, { "type": "file", "spec_version": "2.1", "id": "file--b00bfce6-b589-423d-ad98-b2a736849e5c", "hashes": { "SHA-256": "96df4f9cb5d9cacd6e3b947c61af9b8317194b1285936ce103f155e082290381" } }, { "type": "file", "spec_version": "2.1", "id": "file--21722a51-de8c-4f2b-91c3-93d62249333e", "hashes": { "SHA-256": "accf50d769408253bf9a7da378228debce7c8f6d60fb76da48196fe42cacedf3" } }, { "type": "file", "spec_version": "2.1", "id": "file--f11e1301-fdd2-4962-b159-f88935dff72d", "hashes": { "SHA-256": "9bfbf7618a2c5270d552f4deb69b56082cc7723433a1517678863363cb800161" } }, { "type": "file", "spec_version": "2.1", "id": "file--02b58b02-480c-41dc-a3a2-d8adb567cec3", "hashes": { "SHA-256": "b103190c647ddd7d16766ee5af19e265f0e15d57e91a07b2a866f5b18178581c" } }, { "type": "file", "spec_version": "2.1", "id": "file--874c4d74-672f-4476-a87a-9042d0cd90fd", "hashes": { "SHA-256": "be080777332ad1186fb8547a6a354b2beba62f2a24537eb7b79e849f084a95be" } }, { "type": "file", "spec_version": "2.1", "id": "file--f8825ec1-16a8-41d0-be73-e2d2b03dfb4c", "hashes": { "SHA-256": "45980cc8afb4e1b3738130d0855bb608530eef6731c5116fd053ac6e04159725" } }, { "type": "file", "spec_version": "2.1", "id": "file--2b9502f7-5735-441f-9995-83e7c4d5847b", "hashes": { "SHA-256": "d7a61ab1b1eadd3b34386ec2a96324195ec25cd71fe4e5d9a8f993a6bd52eb92" } }, { "type": "file", "spec_version": "2.1", "id": "file--d34cba73-51df-4350-99f8-7025d088b831", "hashes": { "SHA-256": "7a9f4ca13aed4d6d8ba430bc2b2f5ac2e4f9c7b5de2f5d2ba5aada211059da73" } }, { "type": "file", "spec_version": "2.1", "id": "file--b026f494-a47f-4e2d-b1c5-bfc913a60e8e", "hashes": { "SHA-256": "b90b2d992b41d146e70b775e2bc0430b9f7fb0ed0cd285c59daea92c2fc6af0b" } }, { "type": "file", "spec_version": "2.1", "id": "file--8a7e2e24-655a-47fd-ae9f-8d9cd19a9243", "hashes": { "SHA-256": "6347d70b73e1cabadf8af8602b22a8220ed5b7298dbc15f16eb7dd493d6c6a78" } }, { "type": "file", "spec_version": "2.1", "id": "file--13a3de86-76d6-4f34-9660-7ed6f294b734", "hashes": { "SHA-256": "3589c871b56cf76ce28c6be914b206afe977ec13b0894f56e05c5772a3c7e495" } }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--86567d6c-1d16-48a3-86b0-2ba54e17ab65", "value": "secservice.ddns.net" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--6eac4d50-8acc-4b49-acf0-c08d24af2930", "value": "131.153.13.235" }, { "type": "file", "spec_version": "2.1", "id": "file--d3836f6c-34a6-4c5c-8c22-6e09e7850c9f", "hashes": { "SHA-256": "28f2fcece68822c38e72310c911ef007f8bd8fd711f2080844f666b7f371e9e1" } }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--ab06445e-a4c3-4d89-bac1-34f4fac5c3b0", "value": "srvdown.ddns.net" }, { "type": "file", "spec_version": "2.1", "id": "file--2eecef7d-1726-4c76-b067-a9a1995ad6b3", "hashes": { "SHA-256": "a66c25b1f0dea6e06a4c9f8c5f6ebba0f6c21bd3b9cc326a56702db30418f189" } }, { "type": "report", "spec_version": "2.1", "id": "report--eb69d800-9598-4a46-a9fc-7fab195c4e18", "created_by_ref": "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "created": "2026-06-24T19:21:39.428252Z", "modified": "2026-06-24T19:21:39.428252Z", "name": "Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation", "published": "2025-06-17T00:00:00Z", "object_refs": [ "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "file--93855af1-d87a-439b-865c-86eae521f3d8", "file--5b3e1a4c-dc23-4575-ba3b-e0af44ec92d1", "file--cf3b343e-62cd-4468-a073-e504ba55a64e", "file--03f7da1e-ee9b-4c0b-bcce-0dc3ec2d3b5e", "file--922f01d8-8e79-4b92-88a1-d5b8af1ce7b6", "file--2a51c485-af24-41f2-9c6c-3ec8bd39a3d2", "file--59a9d300-3a14-4989-9c1a-aa035e4b1c46", "file--271119c4-45c1-434b-93b6-e3116eb54cb0", "file--80b1311d-3ee7-4be8-8223-81c3cbddac5a", "file--b626d531-38c5-4f0b-8dd0-df97471b9fbf", "file--6320cf66-cdff-4f68-95ae-0ced6dca40c6", "file--1663afaf-c0e2-4db4-b94e-33d2945424f6", "file--260582c1-fa92-466e-9b8c-efb8f53cb0ab", "file--62adf700-f5df-4640-bcb8-b9f048cdc4fd", "file--d9dd78e5-59ff-4f69-8e62-72538b72631b", "file--2f84c612-ac90-44e3-b7f5-ac3777602b2a", "file--bbab19df-8043-4cad-badf-155ff0a54583", "file--e8cf7154-eda2-4563-8f94-0f7f788767b8", "file--23562614-d6d3-4b5d-b73b-f339c2b76fa4", "file--1bdb2ad2-ff81-4a02-b9b5-afd386a8702b", "file--ed3e1e49-876b-405a-b20c-7abc8bb12cf0", "file--1d9e468b-d7cb-46ef-9372-12c47b581c1e", "file--c0a85a2a-1b66-4dc4-a0de-826e49fa124b", "file--183ed93f-ac50-4099-ab59-16dd09997757", "file--550c87ba-5de0-4780-a9ce-7e3a021171a4", "file--51637e80-2c7d-4abb-a0f3-5c1df137c24b", "file--246cc2b7-6e89-4b9a-b1f3-02e3d5acc10d", "file--b00bfce6-b589-423d-ad98-b2a736849e5c", "file--21722a51-de8c-4f2b-91c3-93d62249333e", "file--f11e1301-fdd2-4962-b159-f88935dff72d", "file--02b58b02-480c-41dc-a3a2-d8adb567cec3", "file--874c4d74-672f-4476-a87a-9042d0cd90fd", "file--f8825ec1-16a8-41d0-be73-e2d2b03dfb4c", "file--2b9502f7-5735-441f-9995-83e7c4d5847b", "file--d34cba73-51df-4350-99f8-7025d088b831", "file--b026f494-a47f-4e2d-b1c5-bfc913a60e8e", "file--8a7e2e24-655a-47fd-ae9f-8d9cd19a9243", "file--13a3de86-76d6-4f34-9660-7ed6f294b734", "domain-name--86567d6c-1d16-48a3-86b0-2ba54e17ab65", "ipv4-addr--6eac4d50-8acc-4b49-acf0-c08d24af2930", "file--d3836f6c-34a6-4c5c-8c22-6e09e7850c9f", "domain-name--ab06445e-a4c3-4d89-bac1-34f4fac5c3b0", "file--2eecef7d-1726-4c76-b067-a9a1995ad6b3" ], "external_references": [ { "source_name": "source", "url": "https://unit42.paloaltonetworks.com/kimjongrat-stealer-variant-powershell/" } ] } ] }