A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #32247  by r0ny
 Mon Nov 12, 2018 2:13 pm
A hacker group likely supported by North Korea has launched an advanced persistent threat (APT) attack by inserting malicious code in a popular South Korean security program. APT attacks are typically characterized by being sophisticated, long-term attacks aimed at monitoring information and stealing data rather than immediately causing damage to a network or organization.

ref: http://blog.alyac.co.kr/m/1963

IOCs:
08ba6fe2e325cc73dc9431d26ed2249c
85df8b5d94b71cb7490f8f125cdf9293
d0f6e169bf60797466bbb8cc069effcf
3eee8d2ed3601756839e090d851b6250