Skip to content

Latest commit

 

History

History

lazarus

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
3CXSupplyChain
3CXSupplyChain
 
 
MATA
MATA
 
 
fudmodule
fudmodule
 
 
sample
sample
 
 
20231013_Lazarus_OP.Dream_Magic.pdf
20231013_Lazarus_OP.Dream_Magic.pdf
 
 
2024-10-14 Lazarus InvisibleFerret.pdf
2024-10-14 Lazarus InvisibleFerret.pdf
 
 
C2_Communication_of_ThreatNeedle.pdf
C2_Communication_of_ThreatNeedle.pdf
 
 
CryptoCore-Lazarus-Clearsky.pdf
CryptoCore-Lazarus-Clearsky.pdf
 
 
Dream-Job-Campaign.pdf
Dream-Job-Campaign.pdf
 
 
Dtrack RAT.zip
Dtrack RAT.zip
 
 
Lazarus Group Recruitment_ Threat Hunters vs Head Hunters.pdf
Lazarus Group Recruitment_ Threat Hunters vs Head Hunters.pdf
 
 
Operation-Blockbuster-Report.pdf
Operation-Blockbuster-Report.pdf
 
 
README.MD
README.MD
 
 
The Nightmare of Global Cryptocurrency Companies DangerousPassword of the APT Organization.pdf
The Nightmare of Global Cryptocurrency Companies DangerousPassword of the APT Organization.pdf
 
 
The_Lazarus_Constellation.pdf
The_Lazarus_Constellation.pdf
 
 
WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
 
 
kaspersky-ics-cert-lazarus-targets-defense-industry-with-threatneedle-en-20210225.pdf
kaspersky-ics-cert-lazarus-targets-defense-industry-with-threatneedle-en-20210225.pdf
 
 
lazarus-powershell.zip
lazarus-powershell.zip
 
 
lazarus-threat-intel-report2.pdf
lazarus-threat-intel-report2.pdf
 
 
multiple campaigns of the Lazarus group and their connections.pdf
multiple campaigns of the Lazarus group and their connections.pdf
 
 
uscert.txt
uscert.txt
 
 

README.MD

Summary Report

2023.10.16

Analysis Report on Lazarus Threat Group’s Volgmer and Scout Malwares

https://asec.ahnlab.com/en/57685/

2023.8.15

Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector.

https://twitter.com/blackorbird/status/1691345881310928896

2023.5.12

Attack Trends Related to DangerousPassword

https://blogs.jpcert.or.jp/en/2023/05/dangerouspassword.html

2022.12

BlueNoroff introduces new methods bypassing MoTW

https://securelist.com/bluenoroff-methods-bypass-motw/108383/

2021.11

https://twitter.com/ESETresearch/status/1458438155149922312

A8EF73CC67C794D5AA860538D66898868EE0BEC0

DE0E23DB04A7A780A640C656293336F80040F387

2021.4

https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/lazarus-recruitment/

2021.Security Researcher

https://blog.google/threat-analysis-group/update-campaign-targeting-security-researchers/

https://enki.co.kr/blog/2021/02/04/ie_0day.html

https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/

https://medium.com/s2wlab/analysis-of-threatneedle-c-c-communication-feat-google-tag-warning-to-researchers-782aa51cf74

https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/

https://mp.weixin.qq.com/s/W-C_tKVnXco8C3ctgAjoNQ

https://mp.weixin.qq.com/s/UBD0hyXUooYuDrpsz8-MtQ

2019.09.24

Dtrack RAT

sample password:infected

https://securelist.com/my-name-is-dtrack/93338/

8f360227e7ee415ff509c2e443370e56

3a3bad366916aa3198fd1f76f3c29f24

F84de0a584ae7e02fb0ffe679f96db8d

2019.09.23

related

https://twitter.com/cyberwar_15/status/1175940165425958912

sample password:infected

#Lazarus #Powershell

92.222.106[.]229

158.69.57[.]135

79d09d46fd66085587afca579557bc89

50ca734bfba54ed33af469537b5e22c1

17f0f148f53968effcb42230518aeb67

8b51170fc6ecbea6b8496c8a8a8e4f1a