IoC Extractor
This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.
Securonix Threat Research Security Advisory: Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware
DATE : 2024-03-18T16:07:50
SOURCE : youtube.com
FILE_HASH_SHA256:46A5D54C264152CE915792AF31C75824A558AF7D7340D78B34E146D8C6249E79
1B75F70C226C9ADA8E79C3FDD987277B0199928800C51E5A1E55FF01246701DB
69C917EA96DB28DBD5B67073CA0AAC234D25651A849171B45F20979EAFA05A1C