{
    "type": "bundle",
    "id": "bundle--06036940-17b8-41f5-ab63-9053f8bbe203",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--18a3a1f0-eb3d-4bbc-904e-ee52948913a7",
            "created": "2023-03-08T12:51:43.431426Z",
            "modified": "2023-03-08T12:51:43.431505Z",
            "name": "Malwarebytes",
            "identity_class": "organization"
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--1cb52c11-5905-4936-8720-e382f5e54803",
            "value": "jinjinpig.co.kr"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--16fcf84c-e2a4-4584-9a03-9af9346026e6",
            "hashes": {
                "SHA-256": "ed5fbefd61a72ec9f8a5ebd7fa7bcd632ec55f04bdd4a4e24686edccb0268e05"
            }
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--6dd99b4f-1f02-453d-ba6b-7d21e94fc8b0",
            "value": "http://www.jinjinpig.co.kr/Anyboard/skin/board.php"
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--897208c9-aab6-468f-8eeb-dace89d00caf",
            "value": "http://mail.namusoft.kr/jsp/user/eam/board.jsp"
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--0979aa07-ee56-45e5-af77-44d419dfa199",
            "value": "mail.namusoft.kr"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--a12adef7-21af-4b72-a4e1-3039a9edf8db",
            "hashes": {
                "SHA-256": "f1eed93e555a0a33c7fef74084a6f8d06a92079e9f57114f523353d877226d72"
            }
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b",
            "created": "2026-06-24T18:20:36.300438Z",
            "modified": "2026-06-24T18:20:36.300438Z",
            "name": "Lazarus"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--e6c4a24d-5318-42a6-a492-8ed119f7afce",
            "created_by_ref": "identity--18a3a1f0-eb3d-4bbc-904e-ee52948913a7",
            "created": "2026-06-24T18:20:36.301546Z",
            "modified": "2026-06-24T18:20:36.301546Z",
            "name": "Lazarus APT conceals malicious code within BMP image to drop its RAT",
            "published": "2021-04-19T00:00:00Z",
            "object_refs": [
                "identity--18a3a1f0-eb3d-4bbc-904e-ee52948913a7",
                "domain-name--1cb52c11-5905-4936-8720-e382f5e54803",
                "file--16fcf84c-e2a4-4584-9a03-9af9346026e6",
                "url--6dd99b4f-1f02-453d-ba6b-7d21e94fc8b0",
                "url--897208c9-aab6-468f-8eeb-dace89d00caf",
                "domain-name--0979aa07-ee56-45e5-af77-44d419dfa199",
                "file--a12adef7-21af-4b72-a4e1-3039a9edf8db",
                "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://www.malwarebytes.com/blog/threat-intelligence/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat"
                }
            ]
        }
    ]
}