[VB2021 페이퍼 한글 번역본] Multi-universe of adversary: Multiple campaigns of Lazarus group and its connect
Tags
| country: | South Korea |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 86c91b8f-04c0-4ccc-961d-a68ec33e48b3 |
| Fingerprint | 11addf7269a81a12 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 4, 2021, 12:51 p.m. |
| Added to db | Jan. 30, 2023, 4:35 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | [VB2021 페이퍼 한글 번역본] Multi-universe of adversary: Multiple campaigns of Lazarus group and its connect |
| Title | [VB2021 페이퍼 한글 번역본] Multi-universe of adversary: Multiple campaigns of Lazarus group and its connect |
| Detected Hints/Tags/Attributes | 27/3/42 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | operationblockbuster.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 55 | blog.google |
|
| Details | Domain | 57 | www.clearskysec.com |
|
| Details | Domain | 71 | blogs.jpcert.or.jp |
|
| Details | Domain | 9 | www.krcert.or.kr |
|
| Details | Domain | 4 | reportview.do |
|
| Details | File | 2 | lazarus_malware2.html |
|
| Details | md5 | 2 | 0bdb652bbe15942e866083f29fb6dd62 |
|
| Details | md5 | 2 | bbbcf6da5a4c352e8846bf91c3358d5c |
|
| Details | md5 | 2 | d7089e6bc8bd137a7241a7ad297f975d |
|
| Details | md5 | 1 | 69da2c56a56fecb981e326cb6ea42704 |
|
| Details | md5 | 2 | c34d5d2cc857b6ee9038d8bb107800f1 |
|
| Details | md5 | 1 | e441f021b1c8a3d481be0a5312378d6f |
|
| Details | md5 | 1 | 4c1d8c4142f2a260f69ec8d597ba51fa |
|
| Details | md5 | 1 | 140a5572e0171cfe393321017b9cdee9 |
|
| Details | md5 | 1 | c04e50275ab9c4b22f39bcd61db0da76 |
|
| Details | md5 | 2 | d1c652b4192857cb08907f0ba1790976 |
|
| Details | md5 | 1 | 7228705813d5bc6c6a62fc53ac019344 |
|
| Details | md5 | 1 | 3d0355ff78dcc979b3f83a679b6ba794 |
|
| Details | md5 | 1 | 74b16e70e721cdb6cd04fc8220c93dd2 |
|
| Details | md5 | 1 | ddf6bd6ad5e40b236492d06e40d197ca |
|
| Details | md5 | 1 | 06adca7a28b6d1d983912f7f544ee413 |
|
| Details | md5 | 1 | d59a0a04abcb38fdb391a09972aa3ff4 |
|
| Details | md5 | 1 | b8df94ce84201b17684e0d368ed38024 |
|
| Details | md5 | 1 | 05ae0af44b62f4df432b281809e90f67 |
|
| Details | md5 | 2 | 859e7e9a11b37d355955f85b9a305fec |
|
| Details | md5 | 2 | 7b068dfbea310962361abf4723332b3a |
|
| Details | md5 | 2 | da50a7a05abffb806f4a60c461521f41 |
|
| Details | md5 | 2 | ec05817e19039c2f6cc2c021e2ea0016 |
|
| Details | Url | 1 | https://operationblockbuster.com |
|
| Details | Url | 5 | https://securelist.com/operation-applejeus/87553 |
|
| Details | Url | 2 | https://securelist.com/operation-applejeus-sequel/95596 |
|
| Details | Url | 1 | https://securelist.com/mata-multi-platform-targeted-malware-framework/97746 |
|
| Details | Url | 2 | https://securelist.com/lazarus-threatneedle/100803 |
|
| Details | Url | 2 | https://securelist.com/lazarus-covets-covid-19-related-intelligence/99906 |
|
| Details | Url | 2 | https://www.welivesecurity.com/2020/11/16/lazarus-supply-chain-attack-south-korea |
|
| Details | Url | 5 | https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers |
|
| Details | Url | 1 | https://www.clearskysec.com/operation-dream-job |
|
| Details | Url | 1 | https://blogs.jpcert.or.jp/en/2021/01/lazarus_malware2.html |
|
| Details | Url | 1 | https://www.krcert.or.kr/data/reportview.do?bulletin_writing_sequence=35330 |