Lazarus_Medusa_Campaign_Config

YARA Rule

First Seen: 2026-03-12
Last Seen: 2026-03-12

1

Related Reports
0

Related IOCs

Related Reports

2026-03-12

Break Glass Intelligence

Lazarus Group Caught Running Medusa Ransomware: XOR-Decoded Config Exposes Tor C2, IME-Based Loader, and a 7-Month Intrusion Timeline

#Lazarus #Medusa #Ransomware #T1574.002 #T1562.001 #T1059.001 #T1490 #T1555 #T1486 #T1547.014 #T1129 #T1036.005 #T1622 #T1135 #T1027.002 #T1546.015 #T1489 #T1082

« Back

⚠ These IoCs were automatically extracted using regular expressions or an LLM and may include non-malicious data.