{ "type": "bundle", "id": "bundle--b40e62ca-51db-4764-820b-009230333aa9", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--bd9ae498-a728-494b-98e1-cd065c0346cd", "created": "2023-03-08T12:51:43.166519Z", "modified": "2025-03-25T23:27:46.306349Z", "name": "K7SecurityLabs", "identity_class": "organization" }, { "type": "url", "spec_version": "2.1", "id": "url--5483483f-5518-4ea4-b0f4-9c9f9ac2f2ed", "value": "https://www.theregister.com/2019/12/05/lazarus_group_macos_malware/" }, { "type": "url", "spec_version": "2.1", "id": "url--803b64dd-76af-4c21-80be-5a1176cecd4e", "value": "https://threatvector.cylance.com/en_us/home/running-executables-on-macos-from-memory.html" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--4e47cc96-f5d6-444b-ad39-48bb075fb319", "value": "threatvector.cylance.com" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b", "created": "2026-06-24T22:21:40.127751Z", "modified": "2026-06-24T22:21:40.127751Z", "name": "Lazarus" }, { "type": "report", "spec_version": "2.1", "id": "report--bc3885be-ba2b-4b65-8081-96674ecfb837", "created_by_ref": "identity--bd9ae498-a728-494b-98e1-cd065c0346cd", "created": "2026-06-24T22:21:40.128854Z", "modified": "2026-06-24T22:21:40.128854Z", "name": "Ghost Mach-O: an analysis of Lazarus\u2019 Mac-malware innovations", "published": "2020-10-02T00:00:00Z", "object_refs": [ "identity--bd9ae498-a728-494b-98e1-cd065c0346cd", "url--5483483f-5518-4ea4-b0f4-9c9f9ac2f2ed", "url--803b64dd-76af-4c21-80be-5a1176cecd4e", "domain-name--4e47cc96-f5d6-444b-ad39-48bb075fb319", "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b" ], "external_references": [ { "source_name": "source", "url": "https://vb2020.vblocalhost.com/uploads/VB2020-Devadoss.pdf" } ] } ] }