Democratic People's Republic of Korea (DPRK)
Published 21/12/2025 07:11 · Modified 21/12/2025 07:11 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 07:11
- Modified: 21/12/2025 07:11
- Updated at: 21/12/2025 07:11
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 16 attack patterns (MITRE), 2 malware, 2 sectors, 5 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 16 MITREs · 2 Malwares · 8 Observables · 1 APT · Published 17/09/2024 13:55 · Modified 17/09/2024 14:59
Attack patterns (MITRE) (16)
- T1547.001 · Registry Run Keys / Startup Folder (uses)
- T1589.001 · Credentials (uses)
- T1056.001 · Keylogging (uses)
- T1505.002 · Transport Agent (uses)
- T1592 · Gather Victim Host Information (uses)
- T1589 · Gather Victim Identity Information (uses)
- T1547.010 · Port Monitors (uses)
- T1059.001 · PowerShell (uses)
- T1059.005 · Visual Basic (uses)
- T1059.007 · JavaScript (uses)
- T1021.001 · Remote Desktop Protocol (uses)
- T1497.001 · System Checks (uses)
- T1059.006 · Python (uses)
- T1546.003
- T1137 · Office Application Startup (uses)
- T1610 · Deploy Container (uses)
Malware (2)
- Thiefbucket · Family (uses) · Published 17/09/2024 13:55 · Modified 17/09/2024 13:55
- RustDoor · Family (uses) · Published 21/01/2025 22:17 · Modified 21/01/2025 22:17
Sectors (2)
- Finance (targets)
- Technology (targets)
Indicators (5)
- https://taurihostmetrics.com/cloud/zsh_env (indicates)
- https://taurihostmetrics.com/cloud/VisualStudioHelper (indicates)
- taurihostmetrics.com (indicates)
- wiresapplication.com (indicates)
- juchesoviet48.com (indicates)