lazarusholic


North Korean APT Kimsuky aka Black Banshee – Active IOCs

2025-03-17, Rewterz
https://rewterz.com/threat-advisory/north-korean-apt-kimsuky-aka-black-banshee-active-iocs-43
#Kimsuky

Severity
High
Analysis Summary
Kimsuky is a North Korean advanced persistent threat (APT) group, also known as "Black Banshee". The group has been active since at least 2012 and is believed to be state-sponsored. Kimsuky is known for conducting cyber espionage operations and targeting organizations and individuals in various countries, including South Korea, Japan, and the United States. The group has been observed using various techniques to compromise its targets, such as phishing attacks, malware infections, and supply chain attacks. The group's ultimate goals and motivations are not well understood, but they are generally believed to be focused on intelligence gathering and political or economic gain. The tactics, techniques, and procedures (TTPs) used by the Kimsuky APT group are constantly evolving, but some of their most commonly used methods include:
- Phishing attacks: The …

IoC
