ioc[.]one - OSINT Cyber Threat Intelligence Database

Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware

Tags

cmtmf-attack-pattern:	Masquerading
country:	North Korea
attack-pattern:	Dll Side-Loading - T1574.002 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Dll Side-Loading - T1073 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	0d68b520-cdea-4421-a1a8-1d401d4f54bf
Fingerprint	c82599194baa0932
Analysis status	DONE
Considered CTI value	1
Text language
Published	Dec. 5, 2022, 6:40 a.m.
Added to db	Oct. 24, 2023, 1:34 p.m.
Last updated	Oct. 6, 2024, 9:16 p.m.
Headline	UNKNOWN
Title	Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware
Detected Hints/Tags/Attributes	26/3/9

Source URLs

	Redirection	Url
Details	Source	https://securityaffairs.co/139290/apt/lazarus-apt-bloxholder-campaign.html
Details	Redirection	https://securityaffairs.co/wordpress/139290/apt/lazarus-apt-bloxholder-campaign.html

URL Provider

Details	Provider	Source level domain
Details	securityaffairs.co	securityaffairs.co

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	8		bloxholder.com
Details	Domain	2		haasonline.com
Details	File	7		comparision.xls
Details	File	15		background.png
Details	File	6		logagent.exe
Details	File	31		wsock32.dll
Details	File	4		hijackinglib.dll
Details	md5	2		eb1e19613a6a260ddd0ae9224178355b
Details	md5	2		e66bc1e91f1a214d098cf44ddb1ae91a