IOC Radar
TLP:WHITE · 8 IOCs

Persistent Threats from the Kimsuky Group Using RDP Wrapper

Botvrij.eu OSINT Feed
Published February 6, 2025 · Original Report

Diamond Model

Axes: Social, Technology
Adversary: unknown
Infrastructure (3): https://asec.ahnlab.c…, 216.219.87.41, 74.50.94.175
Capability: unknown
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise


| Type | Indicator | Tags | Confidence | Score | First Seen |
|------|-----------|------|------------|-------|------------|
| URL | https://asec.ahnlab.com/en/86098/ | loader, malware, network | High | 68 | Jun 2, 26 |
| MD5 | 2ea71ff410088bbe79f28e7588a6fb47 | file-hash, loader, malware | High | 68 | Jun 2, 26 |
| MD5 | 26d96d40e4c8aed03d80740e1d5a4559 | file-hash, loader, malware | High | 68 | Jun 2, 26 |
| MD5 | 3211ef223177310021e174c928f96bab | file-hash, loader, malware | High | 68 | Jun 2, 26 |
| IP | 216.219.87.41 | loader, malware, network | High | 68 | Jun 2, 26 |
| MD5 | 5565b337bfba78970b73ae65b95f2c4f | file-hash, loader, malware | High | 68 | Jun 2, 26 |
| MD5 | 04e5f813da28b5975d0b6445f687bc48 | file-hash, loader, malware | High | 68 | Jun 2, 26 |
| IP | 74.50.94.175 | loader, malware, network | High | 68 | Jun 2, 26 |

IOC Relationship Graph

8 total IOCs: 5 MD5, 2 IP, 1 URL