{
  "metadata": {
    "generator": "Bulwark Black IOC Extractor",
    "source": "https://bulwarkblack.com/apt37-ruby-jumper-campaign-north-korean-hackers-deploy-malware-arsenal-to-bridge-air-gapped-networks/",
    "fang": "live",
    "exported_at": "2026-07-15T22:30:10Z",
    "total": 23,
    "categories": 4
  },
  "iocs": {
    "IPv4": [
      "144.172.106.66"
    ],
    "Domains": [
      "hightkdhe.store",
      "homeatedke.store",
      "philion.store",
      "www.hightkdhe.store",
      "www.homeatedke.store",
      "www.philion.store"
    ],
    "URLs": [
      "hightkdhe.store",
      "hightkdhe.store/star/main.php",
      "homeatedke.store/star/main.php",
      "https://www.hightkdhe.store/star/main.php",
      "https://www.homeatedke.store/star/main.php",
      "https://www.philion.store/star/main.php",
      "philion.store/star/main.php"
    ],
    "md5": [
      "098d697f29b94c11b52c51bfe8f9c47d",
      "4214818d7cde26ebeb4f35bc2fc29ada",
      "476bce9b9a387c5f39461d781e7e22b9",
      "57dac5f7d21da2454d0fbefdced80bf3",
      "585322a931a49f4e1d78fb0b3f3c6212",
      "5c6ff601ccc75e76c2fc99808d8cc9a9",
      "709d70239f1e9441e8e21fcacfdc5d08",
      "ad556f4eb48e7dba6da14444dcce3170",
      "ed54cf1ebffbfc1c8ae1ccdd2c681012"
    ]
  }
}