Threat Trend Report on Kimsuky – April 2023
Contents
AhnLab Cyber Threat Intelligence Report
TLP: GREEN
Threat Trend Report on Kimsuky
April 2023 Statistics and Major Issues
V1.0
AhnLab Security Emergency response Center (ASEC)
May 4, 2023
April 2023 Threat Trend Report on Kimsuky Group
Classification
Publications or provided content can only be used within the scope allowed for each
classification as shown below.
Classification
TLP: RED
TLP: AMBER
TLP: GREEN
TLP: WHITE
Distribution Targets
Precautions
Documents that can only be accessed by
Reports only provided for
the recipient or the recipient department
certain clients and
Cannot be copied or distributed except by
tenants
the recipient
Can be copied and distributed within the
recipient organization (company) of
Reports only provided for
reports
limited clients and
Must seek permission from AhnLab to use
tenants
the report outside the organization, such as
for educational purposes
Can be freely used within the industry and
utilized as educational materials for
Reports that can be used
internal training, occupational training, and
by anyone within the
security manager training
service
Strictly limited from being used as
presentation materials for the public
Cite source
Available for commercial and nonReports that can be
commercial uses
freely used
Can produce derivative works by changing
the …
TLP: GREEN
Threat Trend Report on Kimsuky
April 2023 Statistics and Major Issues
V1.0
AhnLab Security Emergency response Center (ASEC)
May 4, 2023
April 2023 Threat Trend Report on Kimsuky Group
Classification
Publications or provided content can only be used within the scope allowed for each
classification as shown below.
Classification
TLP: RED
TLP: AMBER
TLP: GREEN
TLP: WHITE
Distribution Targets
Precautions
Documents that can only be accessed by
Reports only provided for
the recipient or the recipient department
certain clients and
Cannot be copied or distributed except by
tenants
the recipient
Can be copied and distributed within the
recipient organization (company) of
Reports only provided for
reports
limited clients and
Must seek permission from AhnLab to use
tenants
the report outside the organization, such as
for educational purposes
Can be freely used within the industry and
utilized as educational materials for
Reports that can be used
internal training, occupational training, and
by anyone within the
security manager training
service
Strictly limited from being used as
presentation materials for the public
Cite source
Available for commercial and nonReports that can be
commercial uses
freely used
Can produce derivative works by changing
the …
IoC
00DBF10C3103ED95F6ABE0F98B2384F7
1A7098EE5571A5FA928EB517A56740EB
1FF29B06DC80EAE0F3583C965BBDFE92
34C58AC8F0F780512B7165697FC693FA
433A2A49A84545F23A038F3584F28B4A
5F88DA72ABDBD23DA4DF12385F26EB99
6158C202A1005F0EF64B3A9AC85C4950
6B017DCAABA40712B74FADAA5CBC94C9
6D788BC0BE3F8F271DE503CFC8BF5928
7BFBA6A51C9193AC142EAB8C2C180470
7FCED6CD5C31375FDF4BF3AD9A24E5A8
84B18F77CF556C31582C96FDE60CAD34
8867E234ED6E619C38198F1576EA9438
955170427D0C4F9C23F7B8507A6003AA
B29DE686362EA0D2D1B768E2E4438A91
B5FA9FC4CE170AE200C6FF9B568CF967
BC1C1013568BF6DEED4AA4AF00536B47
C3026118C6EC57EF62B627B4A3CE0C31
E3FE5030FFA123FE6BEBE6CB73E3949E
http://greenspace1.com/gnuboard4/bbs/png/main.php?query=[RandomNumber
http://greenspace1.com/gnuboard4/bbs/png/stdio.php?idx=[RandomNumber
http://ibsq.co.kr/m.layouts/demo.txt
http://usn.drctech.kr/motel2/plugin/new/test/main.php?query=[RandomNumber
http://usn.drctech.kr/motel2/plugin/new/test/stdio.php?idx=[RandomNumber
http://www.mowu119.com/skin/shop/basic/jhstyle/lib.php?idx=[RandomNumber
http://www.mowu119.com/skin/shop/basic/jhstyle/list.php?query=[RandomNumber
1A7098EE5571A5FA928EB517A56740EB
1FF29B06DC80EAE0F3583C965BBDFE92
34C58AC8F0F780512B7165697FC693FA
433A2A49A84545F23A038F3584F28B4A
5F88DA72ABDBD23DA4DF12385F26EB99
6158C202A1005F0EF64B3A9AC85C4950
6B017DCAABA40712B74FADAA5CBC94C9
6D788BC0BE3F8F271DE503CFC8BF5928
7BFBA6A51C9193AC142EAB8C2C180470
7FCED6CD5C31375FDF4BF3AD9A24E5A8
84B18F77CF556C31582C96FDE60CAD34
8867E234ED6E619C38198F1576EA9438
955170427D0C4F9C23F7B8507A6003AA
B29DE686362EA0D2D1B768E2E4438A91
B5FA9FC4CE170AE200C6FF9B568CF967
BC1C1013568BF6DEED4AA4AF00536B47
C3026118C6EC57EF62B627B4A3CE0C31
E3FE5030FFA123FE6BEBE6CB73E3949E
http://greenspace1.com/gnuboard4/bbs/png/main.php?query=[RandomNumber
http://greenspace1.com/gnuboard4/bbs/png/stdio.php?idx=[RandomNumber
http://ibsq.co.kr/m.layouts/demo.txt
http://usn.drctech.kr/motel2/plugin/new/test/main.php?query=[RandomNumber
http://usn.drctech.kr/motel2/plugin/new/test/stdio.php?idx=[RandomNumber
http://www.mowu119.com/skin/shop/basic/jhstyle/lib.php?idx=[RandomNumber
http://www.mowu119.com/skin/shop/basic/jhstyle/list.php?query=[RandomNumber