IoCs - DPRK Threat Intelligence | lazarus.day

IoCs

210 IoCs

Type	Value	First Seen	Last Seen
YARA	lazarus_2	2023-08-02	2023-08-02
YARA	lazarus_1	2023-08-02	2023-08-02
YARA	apt_nk_kimsuky_phishing_script	2023-08-01	2023-08-01
YARA	usps_phisher_tracker	2023-08-01	2023-08-01
YARA	aws_monitor_2	2023-08-01	2023-08-01
YARA	aws_monitor	2023-08-01	2023-08-01
YARA	Smooth_Operator_II	2023-06-29	2023-06-29
YARA	Smooth_Operator_Sleeps	2023-06-29	2023-06-29
YARA	Smooth_Operator_C2_codes	2023-06-29	2023-06-29
YARA	Smooth_Operator_Strings	2023-06-29	2023-06-29
YARA	Smooth_Operator_Obfuscation_2	2023-06-29	2023-06-29
YARA	Smooth_Operator_Obfuscation	2023-06-29	2023-06-29
YARA	apt_Bluenoroff_downloader_win_c…	2023-05-22	2023-05-22
YARA	apt_Bluenoroff_downloader_mac_R…	2023-05-22	2023-05-22
YARA	RichHeaders_Lazarus_NukeSped_Ic…	2023-04-20	2023-04-20

lazarus_2

YARA

First seen: 2023-08-02 • Last seen: 2023-08-02

lazarus_1

YARA

First seen: 2023-08-02 • Last seen: 2023-08-02

apt_nk_kimsuky_phishing_script

YARA

First seen: 2023-08-01 • Last seen: 2023-08-01

usps_phisher_tracker

YARA

First seen: 2023-08-01 • Last seen: 2023-08-01

aws_monitor_2

YARA

First seen: 2023-08-01 • Last seen: 2023-08-01

aws_monitor

YARA

First seen: 2023-08-01 • Last seen: 2023-08-01

Smooth_Operator_II

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

Smooth_Operator_Sleeps

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

Smooth_Operator_C2_codes

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

Smooth_Operator_Strings

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

Smooth_Operator_Obfuscation_2

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

Smooth_Operator_Obfuscation

YARA

First seen: 2023-06-29 • Last seen: 2023-06-29

apt_Bluenoroff_downloader_win_curl_agent:

YARA

First seen: 2023-05-22 • Last seen: 2023-05-22

apt_Bluenoroff_downloader_mac_RustBucket

YARA

First seen: 2023-05-22 • Last seen: 2023-05-22

RichHeaders_Lazarus_NukeSped_IconicPayloads_3CX_Q12023

YARA

First seen: 2023-04-20 • Last seen: 2023-04-20

lazarus_2

YARA

First seen: Aug 2023

Last seen: Aug 2023

lazarus_1

YARA

First seen: Aug 2023

Last seen: Aug 2023

apt_nk_kimsuky_phishing_script

YARA

First seen: Aug 2023

Last seen: Aug 2023

usps_phisher_tracker

YARA

First seen: Aug 2023

Last seen: Aug 2023

aws_monitor_2

YARA

First seen: Aug 2023

Last seen: Aug 2023

aws_monitor

YARA

First seen: Aug 2023

Last seen: Aug 2023

Smooth_Operator_II

YARA

First seen: Jun 2023

Last seen: Jun 2023

Smooth_Operator_Sleeps

YARA

First seen: Jun 2023

Last seen: Jun 2023

Smooth_Operator_C2_codes

YARA

First seen: Jun 2023

Last seen: Jun 2023

Smooth_Operator_Strings

YARA

First seen: Jun 2023

Last seen: Jun 2023

Smooth_Operator_Obfuscation_2

YARA

First seen: Jun 2023

Last seen: Jun 2023

Smooth_Operator_Obfuscation

YARA

First seen: Jun 2023

Last seen: Jun 2023

apt_Bluenoroff_downloader_win_curl_agent:

YARA

First seen: May 2023

Last seen: May 2023

apt_Bluenoroff_downloader_mac_RustBucket

YARA

First seen: May 2023

Last seen: May 2023

RichHeaders_Lazarus_NukeSped_IconicPayloads_3CX_Q12023

YARA

First seen: Apr 2023

Last seen: Apr 2023

1
«
5
6
7
8
9
»
14

⚠ These IoCs were automatically extracted using regular expressions or an LLM and may include non-malicious data.