Kimsuky 그룹이 사용하는 Github Repository
2024-07-05 • Ahnlab • GitHub Repository Used by the Kimsuky Group •
ASEC found a GitHub repository while analyzing malware tied to the Kimsuky group. The repository contained a FlowerPower malware type distributed since 2020, and ASEC said user information leaked through that GitHub location had also been uploaded there. The repository remained accessible at the time of analysis on July 5, giving defenders concrete infrastructure and tooling artifacts to correlate with earlier FlowerPower and Kimsuky activity.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| HASH | daa2395113772adb0fab0cf0b2028ed2 | 2024-07-05 | 2024-07-05 |
| IPv4 | 106.14.166.53 | 2024-07-05 | 2024-07-05 |
Related Actors
Related Reports
Shares tag: Kimsuky • Same author: Ahnlab • Published within a week
Shares tag: Kimsuky • Same author: Ahnlab • Published within a month
Shares tag: Kimsuky • Same author: Ahnlab • Published within a month
Shares tag: Kimsuky • Same author: Ahnlab • Published within a month
Shares tags: Kimsuky, FlowerPower • Same author: Ahnlab
Shares tags: Kimsuky, FlowerPower • Same author: Ahnlab