Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey) [Wednesday, December 13, 2023]

Description :
Malware used by the Kimsuky group to steal information and technology from South Korea and other countries has been identified by researchers.

Published: 2023-12-13 13:38:47
Created: 2023-12-13 13:38:47
Modified: 2023-12-13 13:48:25

Indicators

IPv4s :
URLs :
Domains :
Hashes :
About the author
Julien B.

Securitricks
