Trend Analysis on Kimsuky Group’s Attacks Using AppleSeed [Wednesday, January 03, 2024]

Report


Description :
The Kimsuky Group, a North Korea-based cyber-attack group, continues to use the same malware that was first identified in 2022 and is still using AppleSeed in its attacks.

Published : 2024-01-03 15:19:02
Created : 2024-01-03 15:19:02
Modified : 2024-01-03 15:20:31


Indicators


About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
