Overlaps between Konni and Kimsuky Attackers

description: Links between two North Korean groups of attackers.

publish date:

reference :

IOC Table
total 28
type value
FileHash-MD5 c616893e73cfa2a5456deb578725f1e7
FileHash-MD5 b9ba36607ea379da4b6620c4e3fce2ca
FileHash-MD5 2bfbf8ce47585aa86b1ab90ff109fd57
FileHash-MD5 49b3c5975c8717da0606ec060b4271a2
FileHash-MD5 3dcd31490846e235bc17cbfdac0a9484
FileHash-MD5 dfe2f5fc4579f5cb56a76702a61e692a
FileHash-MD5 87e00dede257d234d2558ed2ae0d7ec2
FileHash-MD5 0eb6090397c74327cd4d47819f724953
FileHash-MD5 2614bd5b8177ef93efaa9b06beda2398
FileHash-MD5 b5d9d194e1bea5889096460172673081
hostname carolie-svr-v1.16mb.com
hostname filer1.1apps.com
hostname kuku675.site11.com
hostname oeks39402.890m.com
hostname naver-security-mail.96.lt
hostname naoei3-tosma.96.lt
hostname naiei-aldiel.16mb.com
hostname kuku79.herobo.com
hostname filer2.1apps.com
hostname upgradesrv.890m.com
hostname my-homework.890m.com
URL http://www.jejuseongahn.org/hboard4/data/file/AccountChooser/confirm'
URL http://filer1.1apps.Com/1.txt
URL http://filer1.1apps.com/1.txt
URL http://ago2.co.kr/bbs/data/dir
URL http://naoei3-tosma.96.lt/1
URL http://kuku675.site11.com/data/zero/log.txt
URL http://jejuseongahn.org/hboard4/data/cheditor/badu/log.txt