Threat Assessment: North Korean Threat Groups
Sept. 10, 2024, 8:56 a.m.
Description
This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10 malware samples across Windows, macOS, and Linux systems, providing technical insights into their functionality and Palo Alto Networks Cortex XDR's capability to detect and mitigate these threats.
Date
- Created: Sept. 10, 2024, 8:23 a.m.
- Published: Sept. 10, 2024, 8:23 a.m.
- Modified: Sept. 10, 2024, 8:56 a.m.
Indicators