3CX DesktopApp Supply Chain Attack Also Detected in Korea - ASEC BLOG
A supply chain attack through 3CX DesktopApp has been detected in North Korea. This post provides an analysis of the malware used in the attacks and of the infections in Korea and other countries.
Indicators of Compromise (80)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| CVE | CVE-2023-29059 | — | 2023-04-10 | |