Create IOC-Kimsuky-2020-03-20.json
This commit is contained in:
parent
4a3161baa6
commit
555bbaea1f
@ -0,0 +1,72 @@
|
|||||||
|
[
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "1fcd9892532813a27537f4e1a1c21ec0c110d6b3929602750ed77bbba7caa426",
|
||||||
|
"Description": "붙임. 전문가 칼럼 원고 작성 양식.doc"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "828a5527e25e3cab4e97ed25ec2b3d2d7cdf22f868101a33802598cc974d6db4",
|
||||||
|
"Description": "flower01.ps1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://mybobo.mygamesonline.org/flower01/flower01.ps1",
|
||||||
|
"Description": "URL delivery"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "Domain",
|
||||||
|
"Indicator": "mybobo.mygamesonline.org",
|
||||||
|
"Description": "Domain C2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "IP",
|
||||||
|
"Indicator": "185.176.43.82",
|
||||||
|
"Description": "IP C2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://mybobo.mygamesonline.org/flower01/post.php",
|
||||||
|
"Description": "URL C2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "7d2b9f391588cc07d9ba78d652819d32d3d79e5a74086b527c32126ad88b5015",
|
||||||
|
"Description": "COVID-19 and North Korea.docx"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://crphone.mireene.com/plugin/editor/Templates/normal.php?name=web",
|
||||||
|
"Description": "URL delivery"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "144242e42335b015145100dbaebf902df3403244921cf81402f67778959c642",
|
||||||
|
"Description": "web.dotm"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://crphone.mireene.com/plugin/editor/Templates/filedown.php?name=v1",
|
||||||
|
"Description": "URL delivery"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "0588510dddbd802a5a95fa299d8fa7235b0c270236cbaf51e5b57536222226bf",
|
||||||
|
"Description": "V1.py"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "SHA-256",
|
||||||
|
"Indicator": "7f83912127f5b9680ff57581fc40123c21257bd8e186d7cab4c838a867bb137f",
|
||||||
|
"Description": "V60.py"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://crphone.mireene.com/plugin/editor/Templates/filedown.php?name=new",
|
||||||
|
"Description": "URL delivery"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Type": "URL",
|
||||||
|
"Indicator": "http://crphone.mireene.com/plugin/editor/Templates/upload.php",
|
||||||
|
"Description": "URL C2"
|
||||||
|
}
|
||||||
|
]
|
Loading…
Reference in New Issue
Block a user