← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New BabyShark Malware Targets U.S. National Security Think Tanks
WHITE CyberHunter_NL 2023-04-06 Modified: 2023-04-06
49
IOCs
MEDIUM VOLUME
A North Korean threat actor is believed to be targeting a US national security think tank, according to researchers at Palo Alto Networks, who identified a new family of malware called "BabyShark’s".
babysharkkimjongratstolen pencilnovemberpalo altonorth koreanortheast asiac2 serverappdatadecoy filenamedatealliancefebruaryshellwildfire
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
STOLEN PENCIL KimJongRAT BabyShark
Indicators of Compromise (15 / 49 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 0a631b0072cee1e20854b187276a0ba560d6d4f8 SHA1 of 94a09aff59c0c27d1049509032d5ba05e9285fd522eb20b033b8188e0fee4ff0 2023-04-06
FileHash-SHA1 162a72a53e79602e4d0e2cc81dc5b3253498cb92 SHA1 of 52b898adaaf2da71c5ad6b3dfd3ecf64623bedf505eae51f9769918dbfb6b731 SHA1 of 52b898adaaf2da71c5ad6b3dfd3ecf64623bedf505eae51f9769918dbfb6b731 2023-04-06
FileHash-SHA1 432e43053a65d8de9011198aaa8d9fbe679cfba6 SHA1 of 0c8f17b2130addebcb2ca75bd7a982e37ddcc49d49e79fe60e3fda767f2ec972 2023-04-06
FileHash-SHA1 548b64c0f904733dd5433f6f3878487eeda54fa1 SHA1 of 1334c087390fb946c894c1863dfc9f0a659f594a3d6307fb48f24c30a23e0fc0 2023-04-06
FileHash-SHA1 5ae5ca0daccfa21706e157a19bdb67e48cbfe137 SHA1 of 8ef4bc09a9534910617834457114b9217cac9cb33ae22b37889040cde4cabea6 2023-04-06
FileHash-SHA1 7012195c8c6aca88e2d805d632f148f74f0b6e64 SHA1 of 1ad53f5ff0a782fec3bce952035bc856dd940899662f9326e01cb24af4de413d 2023-04-06
FileHash-SHA1 818bfc1fdb8126b58835e77f13afa9435e883919 SHA1 of 331d17dbe4ee61d8f2c91d7e4af17fb38102003663872223efaa4a15099554d7 2023-04-06
FileHash-SHA1 88708e9562a8c4ee4601b3990a664bc63b378753 SHA1 of 9d842c9c269345cd3b2a9ce7d338a03ffbf3765661f1ee6d5e178f40d409c3f8 2023-04-06
FileHash-SHA1 89b9b7f2c3eb275eabe78c04a30dc09281a201e6 SHA1 of 7b77112ac7cbb7193bcd891ce48ab2acff35e4f8d523980dff834cb42eaffafa 2023-04-06
FileHash-SHA1 89d599fe7a3025cd8d285dc044799c1054fb5f00 SHA1 of b3e85c569e89b6d409841463acb311839356c950d9eb64b9687ddc6a71d1b01b 2023-04-06
FileHash-SHA1 9b28ef5adf11016e4ccd3b3a422a0f48f43eed18 SHA1 of c4547c917d8a9e027191d99239843d511328f9ec6278009d83b3b2b8349011a0 2023-04-06
FileHash-SHA1 cb1125d5a57a529bf88bf590c0cb675f37261839 SHA1 of 2b6dc1a826a4d5d5de5a30b458e6ed995a4cfb9cad8114d1197541a86905d60e 2023-04-06
FileHash-SHA1 d1207b7b846b80418b459e9d03e1b5afbd3e97a7 SHA1 of 66439f0e377bbe8cda3e516e801a86c64688e7c3dde0287b1bfb298a5bdbc2a2 2023-04-06
FileHash-SHA1 d96c04952ba0cb61b64bc7f08d7257913d8b7968 SHA1 of 6f76a8e16908ba2d576cf0e8cdb70114dcb70e0f7223be10aab3a728dc65c41c 2023-04-06
FileHash-SHA1 ec4bd72fcb440f47912d06c75a9d56ad86953f70 SHA1 of dc425e93e83fe02da9c76b56f6fd286eace282eaad6d8d497e17b3ec4059020a 2023-04-06
References (1)
↗ https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/