ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Lazarus Threat Actor Group Abuses Microsoft IIS Servers for Widespread Malware Distribution

Tags

country:	North Korea South Korea
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	6510b464-da44-4093-b8af-0eec55b78109
Fingerprint	a40019bdaf01644d
Analysis status	DONE
Considered CTI value	0
Text language
Published	July 25, 2023, 12:56 p.m.
Added to db	Aug. 1, 2023, 3:02 p.m.
Last updated	Dec. 20, 2024, 11:30 a.m.
Headline	Rewterz Threat Alert – Lazarus Threat Actor Group Abuses Microsoft IIS Servers for Widespread Malware Distribution
Title	Rewterz Threat Alert – Lazarus Threat Actor Group Abuses Microsoft IIS Servers for Widespread Malware Distribution
Detected Hints/Tags/Attributes	51/3/4

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-lazarus-threat-actor-group-abuses-microsoft-iis-servers-for-widespread-malware-distribution/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	7		cve-2023-22043
Details	File	21		scskapplink.dll
Details	File	5		usopriv.exe
Details	File	4		usoshared.dat