PULSE NAME
Threat Assessment: North Korean Threat Groups
TLP: WHITE | Various North Korean groups under the Reconnaissance General Bureau | AlienVault | 2024-09-10 | Modified: 2024-10-10
98 IOCs (HIGH VOLUME)
This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10 malware samples across Windows, macOS, and Linux systems, providing technical insights into their functionality and Palo Alto Networks Cortex XDR's capability to detect and mitigate these threats.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
RustBucket, KANDYKORN, SmoothOperator, ObjCShellz, Fullhouse, POOLRAT, PondRAT, OdicLoader, Comebacker, CollectionRAT
Indicators of Compromise (23 / 98 total)