← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Foreign interview referral impersonation Kim Suki attack found
WHITE Armature_TIP 2025-02-14 Modified: 2025-03-16
25
IOCs
MEDIUM VOLUME
Security Center (SC) has released an analysis of the Kimsuky cyber-attack using HWP and MSC malware, which it says was carried out by a group of Russian hackers, using malware designed to steal sensitive data.
createobjectkimsukyerror resumenexttrueplugxagendajunreutersbase64antimalwarefalsepandapowershellkorplugopendecoybabyshark
Indicators of Compromise (4 / 25 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain email hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 1cfef99f68b749d81736397e652c3d87 2025-02-14
FileHash-MD5 5eae3d3b9aeeb0a4186ad3b68ff2da59 2025-02-14
FileHash-MD5 9eb0b3e2f61ef255ef51ace86381a258 2025-02-14
FileHash-MD5 cb82751ae9f84709268fd5e5b135b74e 2025-02-14
References (1)
↗ https://www.genians.co.kr/blog/threat_intelligence/interview