Lazarus aka Hidden Cobra APT Group – Active IOCs
2024-11-21 • Rewterz
https://www.rewterz.com/threat-advisory/lazarus-aka-hidden-cobra-apt-group-active-iocs-37353
This APT group has been associated with other threat actor groups, including Bluenoroff and Andariel, which are believed to be subgroups of, or closely aligned with, Lazarus. One of their recent campaigns, "Dream Job," specifically targets cryptocurrency-adjacent entities by impersonating legitimate job recruiters and tricking individuals into downloading malware. The Lazarus group has been known to use a variety of tactics, techniques, and procedures (TTPs) in their operations, including spear-phishing, malware, and social engineering. Lazarus APT is one of North Korea's most sophisticated threat actors, and it has been operating since at least 2009.
Indicators of Compromise