Medium
IconDown Downloader used by Attack Group BlackTech targeting different Japanese organizations. Although it has not been confirmed by what means IconDown is installed / executed, according to the blog published by ESET, it has been confirmed that the update function of ASUS WebStorage is exploited. It is said that. This time, details of IconDown confirmed in the Japanese organization.
Domain Name
panasocin[.]com
Hostname
update[.]panasocin[.]com
SHA256