← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Foreign interview referral impersonation Kim Suki attack found
WHITE Armature_TIP 2025-02-14 Modified: 2025-03-16
25
IOCs
MEDIUM VOLUME
Security Center (SC) has released an analysis of the Kimsuky cyber-attack using HWP and MSC malware, which it says was carried out by a group of Russian hackers, using malware designed to steal sensitive data.
createobjectkimsukyerror resumenexttrueplugxagendajunreutersbase64antimalwarefalsepandapowershellkorplugopendecoybabyshark
Indicators of Compromise (1 / 25 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain email hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 fc8d5e3ffc56198118b1d5155c9116a242008809 SHA1 of 5eae3d3b9aeeb0a4186ad3b68ff2da59 2025-02-14
References (1)
↗ https://www.genians.co.kr/blog/threat_intelligence/interview