찾아줄게요

KKK 파일은 무엇입니까?

• 안녕하세요. 제 컴퓨터에서 KKK라는 파일을 찾았는데 이것이 무엇인지 잘 모르겠습니다. 알려주시면 감사하겠습니다.

• KKK 파일은 JigSaw 암호화 파일 입니다. JigSaw에서 배포한 파일인 것으로 보입니다. 2017-10-20 05:04:58에 처음으로 보고되었으며 2017-10-20 05:04:58에 마지막으로 보고되었습니다.

• JigSaw 프로그램을 다운로드하여 KKK 파일을 열 수 있습니다.

• JigSaw 랜섬웨어 암호화 파일
  
  JigSaw ransomware encrypted file

• 시그니처 정보가 없습니다.

• 연관 링크 #1: 첨부된 링크가 없습니다.

• 연관 링크 #2: 첨부된 링크가 없습니다.

• [2021-06-28 22:49:17] @reecdeep #Malware #Raccon targets #Italy ???????? XLSX > #GuLoader > EXE https://app.any.run/tasks/57c0823d-885a-414b-9dc0-27fc9328f5b1 1⃣p://maizefucanism.hopto.org/new.exe 2⃣ps://drive.google.com/uc?export= download&id= 1V8t6cBYUxfu3nP2JKKKyCtxGO5SylImh 3⃣ps://tttttt.me/hapikmalabar ????c2: 34.141.128.39 #infosec #CyberSecurity https://twitter.com/reecdeep/status/1409539406415945735/photo/1

• [2021-05-20 21:19:40] @James_inthe_box Incoming #hancitor run. http://DENVERBANKRUPTCYLAW.COM sender. DocuSign subject. @google doc links: https://docs.google.com/document/d/e/2PACX-1vTXCHcpXv_Pfu-HyCMCqrlVFXJK4_xEj5CVVqjKkk-DHQZYDdMJ5ls5eWm-geGHNlLeA3hX1yUONJ_x/pub https://twitter.com/James_inthe_box/status/1395383727396515845/photo/1

• [2020-10-22 23:49:31] @ffforward Was weaponized for a little while earlier. just saw one mail. XLS: https://bazaar.abuse.ch/sample/9f02013549837f8dabe75cf353fe7eae347518905acd985584771eb307d3f1c3 DLL: https://bazaar.abuse.ch/sample/63c8c6ac173f3a20beaae72f96110c8defaa197c3a65b68e5562a0e588532b1f/ C2: /kochamkkkras.ru (same as yesterday but new IP 45.128.206.55) #Signed NOPVNXSIGTCRPCCRUA

• [2020-10-22 00:36:32] @ffforward Daily #zloader #sovietZloader. s/download24.top/download.php as seen yesterday. Subject: Your boss is going to be pissed off XLS: https://bazaar.abuse.ch/sample/8cd7e0f9850770e73e7b3e1f44b0276017a57a109f791056dfde75a4ed51ad2f/ DLL: https://bazaar.abuse.ch/sample/dbc2e7788019f8b0959377fa9e0f3d41d0db82445799721d1d77c583ac793e9a/ #Signed AHYKURGXLQFNQZUZJZ C2 /kochamkkkras.ru @Office365 w. @MSThreatProtect delivers to inbox. https://twitter.com/ffforward/status/1318969430932639744/photo/1

• [2020-10-21 03:12:37] @ffforward Daily #zloader #sovietZloader downloads from /download24.top/download.php. lure unknown. XLS: https://bazaar.abuse.ch/sample/2302f75d2a0891d3a7031ffb5eebee5f561d3998ce8e08fc4cea9fee8ba30fdd/ DLL: https://bazaar.abuse.ch/sample/44ede6e1b9be1c013f13d82645f7a9cff7d92b267778f19b46aa5c1f7fa3c10b/ New C2: http://kochamkkkras.ru #signed AHYKURGXLQFNQZUZJZ

• [2020-03-09 09:36:06] @58_158_177_102 日本語マルウェアメールの接到を確認しています。 #malspam in Japanese observed. #remcos Subject : DHL貨物配送 C2 : favournwa.ddns.net Sample : https://app.any.run/tasks/00c5eeea-f240-4a69-9e30-b68676cdd2d2 … https://tria.ge/reports/200309-nerxz72er2/behavioral1 … pic.twitter.com/kKK8edfEq5

• [2020-03-03 01:09:09] @wwp96 #Formbook @JAMESWT_MHT /www.quidoz.com /www.9227kkk.com /www.sellanews.com /www.gominou.com /www.woodruna.com /www.andlynweb.com /www.tributenora.com /www.casaboquete.com 7245db5b46a794874030c21c9055b59e 5a901aeebae809032680d4988c7139f1 https://app.any.run/tasks/2e634193-bacb-4c30-8258-eceff8534cdb …

• [2020-02-14 01:41:10] @wwp96 #Formbook @JAMESWT_MHT /www.drjaysarkar.com /www.9227kkk.com /www.trekofpersia.com /www.casestudysite.com /www.quidoz.com /www.andlynweb.com /www.2ipc.com /www.birlikcevre.com 13e074d41dc67a62047b0a9bd595a7c2 1053dd25ae62da9aa0c8c1fa4e43c3e6 https://app.any.run/tasks/45a5b65a-f07c-4ef8-9c40-def8343d40c2 …

• [2020-01-30 20:00:04] @500mk500 https://www.virustotal.com/gui/ip-address/94.140.114.181/relations … askkkkkkassaa.xyz danmikolls.xyz duiioosoiis.xyz faniposlskd.xyz ferilppdslos.xyz findfilius.xyz mantropoliops.xyz miiiiisdkkkksd.xyz panikolsos.xyz prontosloshop.xyz vitruuusd.xyz

• [2020-01-23 16:37:33] @reecdeep #brushaloader #malware from #maldoc #PowerPoint targets #Italia hxxps://kamasutraladies.com/faktura.zip POST to askkkkkkassaa.xyz @JAMESWT_MHT @matte_lodi @James_inthe_box @malwrhunterteam @merlos1977 @VK_Intel #DFIR #infosec #cybersecurity #ThreatIntel #threathunting pic.twitter.com/QtaLrhgsTt

• 보이스피싱, 불법촬영물, 랜섬웨어, 사이버 안보위협 등에 관련된 사안의 경우 다음과 같은 기관 및 단체의 도움을 받을 수 있습니다. 노모어랜섬(No More Ransom) 경찰청 사이버범죄 신고시스템 국가정보원 민원센터