← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New BabyShark Malware Targets U.S. National Security Think Tanks
WHITE CyberHunter_NL 2023-04-06 Modified: 2023-04-06
49
IOCs
MEDIUM VOLUME
A North Korean threat actor is believed to be targeting a US national security think tank, according to researchers at Palo Alto Networks, who identified a new family of malware called "BabyShark’s".
babysharkkimjongratstolen pencilnovemberpalo altonorth koreanortheast asiac2 serverappdatadecoy filenamedatealliancefebruaryshellwildfire
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
STOLEN PENCIL KimJongRAT BabyShark
Indicators of Compromise (3 / 49 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL https://tdalpacafarm.com/files/kr/contents/Usoro.hta 2023-04-06
URL https://tdalpacafarm.com/files/kr/contents/Vkggy0.hta 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 2023-04-06
URL https://tdalpacafarm.com/files/kr/contents/upload.php' 2023-04-06
References (1)
↗ https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/