Shares 1 IOC • Published within a week
Fake Cisco Job Posting Targets Korean Candidates
2019-01-30 • Cisco Talos •
https://blog.talosintelligence.com/2019/01/fake-korean-job-posting.html
Cisco Talos observed a targeted malware campaign using a Microsoft Word document disguised as a Cisco Korea job posting. The lure reused legitimate job-posting content and appeared to start a multi-stage infection process aimed at specific organizations. Talos also identified additional related samples, making the campaign relevant to job-themed social engineering and Korean-targeted intrusion activity.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | ilovesvc.com | 2019-01-30 | 2022-03-31 |
| HASH | bf27c1631ef64c1e75676375a85d48f… | 2019-01-30 | 2019-01-30 |
| HASH | 809b1201b17a77732be3a9f96a25d64… | 2019-01-30 | 2019-01-30 |
| HASH | 7af59922d4c1b4f2d589cb2853afb54… | 2019-01-30 | 2019-01-30 |
| HASH | 1497ab6ddccf91ef7f2cd75ce020bb3… | 2019-01-30 | 2019-01-30 |
| HASH | adfb60104a6399c0b1a6b4e0544cca3… | 2019-01-30 | 2019-01-30 |
| HASH | e259aa1de48fd10b7601c4486b84142… | 2019-01-30 | 2019-01-30 |
| HASH | cd2e8957a2e980ffb82c04e428fed69… | 2019-01-30 | 2019-01-30 |
Related Reports
2022-03-31 •
5% Match
#DeFi
#Lazarus
#T1082
#T1070.004
#T1041
#T1071.001
#T1083
#T1204.002
#T1124
#T1057
#T1547.001
#T1573.001
#T1070.006
Shares 1 IOC