Malware Created by Konni Disguised as the xxx Token Circulation and Lockup Schedule - xxx Token Circulation and Lockup Schedule (2024.5.13)
2024-05-22 • Sakai
The report describes Konni malware disguised as a token circulation and lockup schedule document. The lure is a large LNK file (hashes include SHA-256 77d05cc623f860ca2e6d47cdafc517aa0612de88291de7f2a3d95c5d04f1658a), likely padded with dummy data to hinder scanning and analysis. It is relevant to North Korea-linked social-engineering and downloader tradecraft.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | stem.io | 2024-05-22 | 2025-05-13 |
| HASH | 77d05cc623f860ca2e6d47cdafc517a… | 2024-05-22 | 2024-08-22 |
| HASH | a0483db3725f8a50078daee7fd10f9bb | 2024-05-22 | 2024-08-22 |
| URL | http://storkse.com/upload.php | 2024-05-22 | 2024-08-22 |
| DOMAIN | storkse.com | 2024-05-22 | 2024-08-22 |
| HASH | 2bd0260ae7b0a9e6131063243209d9c… | 2024-05-22 | 2024-05-22 |
| URL | http://storkse.com/list.php?f=%… | 2024-05-22 | 2024-05-22 |
Related Reports
Shares tags: Konni, LNK • Same author: Sakai • Published within a month
2024-07-25 •
80% Match
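Malware by the North Korean Hacking Group Konni Disguised as an Information Update Request from the Cryptocurrency Exchange Bithumb - 금융당국 요청에 따른 프로젝트 정보 확인 요청의 건.zip (Request to Confirm Project Information as Requested by Financial Authorities) (2024.7.23)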
Sakai
Shares tags: Konni, LNK • Same author: Sakai