IoCs - DPRK Threat Intelligence | lazarus.day

IoCs

210 IoCs

Type	Value	First Seen	Last Seen
YARA	NikiCert	2024-06-19	2024-06-19
YARA	NikiGo	2024-06-19	2024-06-19
YARA	NikiHTTP	2024-06-19	2024-06-19
YARA	Kimsuky_Spy_Tool	2024-06-07	2024-06-07
YARA	MAL_H0lyGh0st_SiennaPurple_stri…	2024-03-17	2024-03-17
YARA	DLL_North_Korean_Lazarus_March2…	2024-03-14	2024-03-14
YARA	kimsuky_VBS_script	2024-03-12	2024-03-12
YARA	operation_DREAMJOB_AMAZON_VNC	2024-02-19	2024-02-19
YARA	APT_NK_TA444_CosmicRust	2024-01-04	2024-01-04
YARA	APT_NK_TA444_SpectralBlur	2024-01-03	2024-01-03
YARA	APT_NK_TA444_SpectralBlur_SockR…	2024-01-03	2024-01-03
YARA	APT_NK_TA430_HazyLoad_Mem	2024-01-01	2024-01-01
YARA	XProtect_MACOS_c723519	2023-10-05	2023-10-05
YARA	MTI_Hunting_POOLRAT	2023-10-05	2023-10-05
YARA	MTI_Hunting_POOLRAT	2023-08-10	2023-08-10

NikiCert

YARA

First seen: 2024-06-19 • Last seen: 2024-06-19

NikiGo

YARA

First seen: 2024-06-19 • Last seen: 2024-06-19

NikiHTTP

YARA

First seen: 2024-06-19 • Last seen: 2024-06-19

Kimsuky_Spy_Tool

YARA

First seen: 2024-06-07 • Last seen: 2024-06-07

MAL_H0lyGh0st_SiennaPurple_strings

YARA

First seen: 2024-03-17 • Last seen: 2024-03-17

DLL_North_Korean_Lazarus_March2024

YARA

First seen: 2024-03-14 • Last seen: 2024-03-14

kimsuky_VBS_script

YARA

First seen: 2024-03-12 • Last seen: 2024-03-12

operation_DREAMJOB_AMAZON_VNC

YARA

First seen: 2024-02-19 • Last seen: 2024-02-19

APT_NK_TA444_CosmicRust

YARA

First seen: 2024-01-04 • Last seen: 2024-01-04

APT_NK_TA444_SpectralBlur

YARA

First seen: 2024-01-03 • Last seen: 2024-01-03

APT_NK_TA444_SpectralBlur_SockRacket_Overlap

YARA

First seen: 2024-01-03 • Last seen: 2024-01-03

APT_NK_TA430_HazyLoad_Mem

YARA

First seen: 2024-01-01 • Last seen: 2024-01-01

XProtect_MACOS_c723519

YARA

First seen: 2023-10-05 • Last seen: 2023-10-05

MTI_Hunting_POOLRAT

YARA

First seen: 2023-10-05 • Last seen: 2023-10-05

MTI_Hunting_POOLRAT

YARA

First seen: 2023-08-10 • Last seen: 2023-08-10

NikiCert

YARA

First seen: Jun 2024

Last seen: Jun 2024

NikiGo

YARA

First seen: Jun 2024

Last seen: Jun 2024

NikiHTTP

YARA

First seen: Jun 2024

Last seen: Jun 2024

Kimsuky_Spy_Tool

YARA

First seen: Jun 2024

Last seen: Jun 2024

MAL_H0lyGh0st_SiennaPurple_strings

YARA

First seen: Mar 2024

Last seen: Mar 2024

DLL_North_Korean_Lazarus_March2024

YARA

First seen: Mar 2024

Last seen: Mar 2024

kimsuky_VBS_script

YARA

First seen: Mar 2024

Last seen: Mar 2024

operation_DREAMJOB_AMAZON_VNC

YARA

First seen: Feb 2024

Last seen: Feb 2024

APT_NK_TA444_CosmicRust

YARA

First seen: Jan 2024

Last seen: Jan 2024

APT_NK_TA444_SpectralBlur

YARA

First seen: Jan 2024

Last seen: Jan 2024

APT_NK_TA444_SpectralBlur_SockRacket_Overlap

YARA

First seen: Jan 2024

Last seen: Jan 2024

APT_NK_TA430_HazyLoad_Mem

YARA

First seen: Jan 2024

Last seen: Jan 2024

XProtect_MACOS_c723519

YARA

First seen: Oct 2023

Last seen: Oct 2023

MTI_Hunting_POOLRAT

YARA

First seen: Oct 2023

Last seen: Oct 2023

MTI_Hunting_POOLRAT

YARA

First seen: Aug 2023

Last seen: Aug 2023

1
«
4
5
6
7
8
»
14

⚠ These IoCs were automatically extracted using regular expressions or an LLM and may include non-malicious data.