ioc[.]one - OSINT Cyber Threat Intelligence Database

2023-11-23 BEAVERTAIL and INVISIBLE_FERRET Lazarus Group Malware Samples

Tags

country:	North Korea
attack-pattern:	Javascript - T1059.007 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	b4cef0d7-d960-42ff-ae6f-548d39a45adf
Fingerprint	5204d8b8957b7cb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 12, 2024, 6:16 p.m.
Added to db	Sept. 12, 2024, 8:58 p.m.
Last updated	Nov. 12, 2024, 4:57 a.m.
Headline	2023-11-23 BEAVERTAIL and INVISIBLE_FERRET Lazarus Group Malware Samples
Title	2023-11-23 BEAVERTAIL and INVISIBLE_FERRET Lazarus Group Malware Samples
Detected Hints/Tags/Attributes	30/2/80

Source URLs

	Redirection	Url
Details	Source	https://malware.news/t/2023-11-23-beavertail-and-invisible-ferret-lazarus-group-malware-samples/86328

URL Provider

Details	Provider	Source level domain
Details	malware.news	malware.news

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	158	✔	Malware Analysis, News and Indicators - Latest topics	https://malware.news/latest.rss	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	v2.zip
Details	Domain	1	ico.zip
Details	Domain	1	arb.zip
Details	Domain	1	african-economy-main.zip
Details	Domain	1	solbots-template.zip
Details	Domain	1	9ae24a1912e4b0bab76ae97484b62ea22bdc27b7ea3e6472f18bf04ca66c87de.zip
Details	Domain	1	moonshield.zip
Details	Domain	1	rockblocks-main.zip
Details	Domain	1	dapp.zip
Details	Domain	1	0915.zip
Details	Domain	1	0913.zip
Details	Domain	36	contagiodump.blogspot.com
Details	Domain	19	contagiominidump.blogspot.com
Details	File	25	config.js
Details	File	25	server.js
Details	File	3	setup.js
Details	File	1	setuptests.js
Details	File	1	error.js
Details	File	16	test.js
Details	File	1	act.js
Details	File	1	servicechecker.js
Details	File	1	configurationr.js
Details	File	1	serviceworker.js
Details	File	1	v2.zip
Details	File	1	ico.zip
Details	File	1	arb.zip
Details	File	1	v2.rar
Details	File	1	african-economy-main.zip
Details	File	1	solbots-template.zip
Details	File	1	9ae24a1912e4b0bab76ae97484b62ea22bdc27b7ea3e6472f18bf04ca66c87de.zip
Details	File	1	moonshield.zip
Details	File	1	rockblocks-main.zip
Details	File	1	dapp.zip
Details	File	1	0915.zip
Details	File	1	0913.zip
Details	File	1	92aeea4c32013b935cd8550a082aff1014d0cd2c2b7d861b43a344de83b68129.js
Details	sha256	1	09a508e99b905330a3ebb7682c0dd5712e8eaa01a154b45a861ca12b6af29f86
Details	sha256	1	0ce264819c7af1c485878ce795fd4727952157af7ffdea5f78bfd5b9d7806db1
Details	sha256	1	1123fea9d3a52989ec34041f791045c216d19db69d71e62aa6b24a22d3278ef9
Details	sha256	1	121ca625f582add0527f888bb84b31920183e78c7476228091ff2199ec5d796b
Details	sha256	1	1b21556fc8ecb9f8169ba0482de857b1f8a5cb120b2f1ac7729febe76f1eea83
Details	sha256	1	1f9169492d18bffacebe951a22495d5dec81f35b0929da7783b5f094efef7b48
Details	sha256	1	2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf
Details	sha256	1	40645f9052e03fed3a33a7e0f58bc2c263eeae02cbc855b9308511f5dc134797
Details	sha256	1	41a912d72ba9d5db95094be333f79b60cae943a2bd113e20cc171f86ebcb86cf
Details	sha256	1	4c465e6c8f43f7d13a1b887ff26d9a30f77cf65dd3b6f2e9f7fe36c8b6e83003
Details	sha256	1	4c605c6ef280b4ed5657fe97ba5b6106b10c4de02a40ae8c8907683129156efd
Details	sha256	1	6b3fce8f2dad7e803418edd8dfc807b0252705c11ec77114498b01766102e849
Details	sha256	1	700a582408cbda7ee79723b3969b8d10d67871ea31bb17c8ca3c0d94b481aa8c
Details	sha256	1	72ebfe69c69d2dd173bb92013ab44d895a3367f91f09e3f8d18acab44e37b26d
Details	sha256	1	75f9f99295f86de85a8a2e4d73ed569bdb14a56a33d8240c72084f11752b207e
Details	sha256	1	785f65f1853a08b0e86db5638fbd76e8cad5fe1359655716166a76035261c0be
Details	sha256	1	7b718a46ae4de09ed4f2513df6e989afe1fbb1a0f59511a4689fac5e1745547d
Details	sha256	1	7f8bb754f84a06b3e3617dd1138f07a918d11717cc63acaef8eb5c6d10101377
Details	sha256	1	845d7978682fa19161281a35b62f4c447c477082a765d6fedb219877d0c90f31
Details	sha256	1	9867f99a66e64f6bce0cfca18b124194a683b8e4cb0ced44f7cb09386e1b528d
Details	sha256	1	a2f8de3c5f5f6ecbf29c15afd43a7c13a5bf60023ecb371d39bcca6ceef1d2b7
Details	sha256	1	b833f40b2f3439f317cf95980b29bddd2245d2acc2d5c11e9690dd2fa4289585
Details	sha256	1	d8f065d264b1112d6ee3cf34979289e89d9dcb30d2a3bd78cc797a81d3d56f56
Details	sha256	1	de42155e14a3c9c4d919316d6ba830229533de5063fcd110f53e2395ef3aa77a
Details	sha256	1	fc9bb03998a89524ce5a0f859feb45806983aa4feb5f4d436107198ca869ff6f
Details	sha256	1	2d8a5b637a95de3b709780898b7c3957f93d72806e87302f50c40fe850471a44
Details	sha256	1	c5a73896dc628c23a0b6210f50019445e2b8bfc9770f4c81e1fed097f02dfade
Details	sha256	1	da6d9c837c7c2531f0dbb7ce92bfceba4a9979953b6d49ed0862551d4b465adc
Details	sha256	1	104926c2c937b4597ea3493bccb7683ae812ef3c62c93a8fb008cfd64e05df59
Details	sha256	1	12c0f44a931b9d0d74a2892565363bedfa13bec8e48ff5cd2352dec968f407ee
Details	sha256	1	592769457001374fac7a44379282ddf28c2219020c88150e32853f7517896c34
Details	sha256	1	61dff5cbad45b4fe0852ac95b96b62918742b9c90dd47c672cbe0d1dafccb6c5
Details	sha256	1	6465f7ddc9cf8ab6714cbbd49e1fd472e19818a0babbaf3764e96552e179c9af
Details	sha256	1	709820850127201a17caab273e01bb36ce185b4c4f68cd1099110bb193c84c42
Details	sha256	1	9ae24a1912e4b0bab76ae97484b62ea22bdc27b7ea3e6472f18bf04ca66c87de
Details	sha256	1	b5f151f0a4288e148fd10e19c78399f5b7bdff2ad66940fadd20d6eae4b7518b
Details	sha256	1	c8c11f9b308ea5983eebd8a414684021cc4cc1f67e7398ff967a18ae202fb457
Details	sha256	1	ceb59dbaf58a8de02f9d5e9b497321db0a19b7db4affd5b8d1a7e40d62775f96
Details	sha256	1	db6e75987cabdbfc21d0fdcb1cdae9887c492cab2b2ff1e529601a34a2abfd99
Details	sha256	1	e2a940c7d19409e960427749519dc02293abe58a1bef78404a8390f818e40d08
Details	sha256	1	ff620bd560485c13a58a0de941bd3e52943036e6a05306e928f7c626998822fb
Details	sha256	1	92aeea4c32013b935cd8550a082aff1014d0cd2c2b7d861b43a344de83b68129
Details	Threat Actor Identifier by Unit 42	11	CL-STA-0240
Details	Threat Actor Identifier by Unit 42	1	CL-STA-0241