{ "type": "bundle", "id": "bundle--d3761c78-c410-4ab3-9c92-016a86d9431a", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--6b1d3dfe-e4c1-47eb-9e38-bb509a96d883", "created": "2024-11-06T00:58:43.491961Z", "modified": "2024-11-06T01:01:17.692995Z", "name": "Rewterz", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--11888810-c46d-4cdc-b9e2-d7822663546f", "hashes": { "SHA-256": "58f2972c6a8fc743543f7b8c4df085c5cf2c6e674e5601e85eec60cd269cfb3c" } }, { "type": "file", "spec_version": "2.1", "id": "file--5be8fa77-82ef-4ed4-8b0a-56d5c5694acb", "hashes": { "SHA-256": "f5873ecd60390e7b86db5ddaf158ed201b386be26ad80af8a7da3576446520b8" } }, { "type": "file", "spec_version": "2.1", "id": "file--ac88cbc2-9e9f-496b-8d31-b32d3b77e9f0", "hashes": { "SHA-1": "8edcd1d8d390d61587d334f4527e569a5bdf915c" } }, { "type": "file", "spec_version": "2.1", "id": "file--543ad9d3-13d0-4dfb-b436-60e51d681563", "hashes": { "SHA-1": "1876e829b675e86e950f2e701ab9b2c4a56b4817" } }, { "type": "file", "spec_version": "2.1", "id": "file--e3608cba-7104-426c-9d9b-b5ce50b2329c", "hashes": { "SHA-256": "ba5f3bbe77eef8e730fde5f7ab493e4ed3d954b9fa70a234eda6fe3c2fc1d572" } }, { "type": "file", "spec_version": "2.1", "id": "file--2ad8d026-3480-42d7-9e5d-3a2f5996881e", "hashes": { "SHA-256": "6f9b79c20330a7c8ade8285866e5602bb86b50a817205ee3c8a466101193386d" } }, { "type": "file", "spec_version": "2.1", "id": "file--c8fd1e76-df34-49f1-bcf6-9596fae13929", "hashes": { "SHA-1": "57d60872a6239449116c9c609838906cec923ef5" } }, { "type": "file", "spec_version": "2.1", "id": "file--15a4dd30-3311-4187-be0e-b2381d19ff47", "hashes": { "SHA-1": "0d17d477207d717f4e1be67e96c925aae473109d" } }, { "type": "file", "spec_version": "2.1", "id": "file--d34d036f-5a75-45aa-8230-2423acb3b9bd", "hashes": { "SHA-256": "95dc085b0fea4a8d80df11ba1409a2df89ca97d980ba3dcf8e90d31e9d3fd533" } }, { "type": "file", "spec_version": "2.1", "id": "file--96d081d8-985f-4ac3-ad6b-1d714f048870", "hashes": { "SHA-1": "2a900fbfdd65dafe6fadc4d5706e151c8b72230a" } }, { "type": "file", "spec_version": "2.1", "id": "file--9392560d-f516-48a1-b753-02e83ed79d0a", "hashes": { "MD5": "cf8c0999c148d764667b1a269c28bdcb" } }, { "type": "file", "spec_version": "2.1", "id": "file--c1ccf025-86ea-4b79-a5f8-0307d2837c89", "hashes": { "MD5": "4c4abe85a1c68ba8385d2cb928ac5646" } }, { "type": "file", "spec_version": "2.1", "id": "file--af2eb166-6966-4264-a8b3-ee9163018bb7", "hashes": { "MD5": "00a2952a279f9c84ae71367d5b8990c1" } }, { "type": "file", "spec_version": "2.1", "id": "file--c6969b8f-a13e-4de2-b065-9c3b2bd4206f", "hashes": { "MD5": "5eac943e23429a77d9766078e760fc0b" } }, { "type": "file", "spec_version": "2.1", "id": "file--036c3b3f-5131-4f03-8c60-af2603949a72", "hashes": { "MD5": "80ab98c10c23b7281a2bf1489fc98c0d" } }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b", "created": "2026-06-24T18:40:33.16494Z", "modified": "2026-06-24T18:40:33.16494Z", "name": "Lazarus" }, { "type": "report", "spec_version": "2.1", "id": "report--4902ee61-35b5-4b90-8a74-79b718b16c31", "created_by_ref": "identity--6b1d3dfe-e4c1-47eb-9e38-bb509a96d883", "created": "2026-06-24T18:40:33.167551Z", "modified": "2026-06-24T18:40:33.167551Z", "name": "Lazarus Group Uses CookiePlus Malware to Target Nuclear Engineers \u2013 Active IOCs", "published": "2024-12-23T00:00:00Z", "object_refs": [ "identity--6b1d3dfe-e4c1-47eb-9e38-bb509a96d883", "file--11888810-c46d-4cdc-b9e2-d7822663546f", "file--5be8fa77-82ef-4ed4-8b0a-56d5c5694acb", "file--ac88cbc2-9e9f-496b-8d31-b32d3b77e9f0", "file--543ad9d3-13d0-4dfb-b436-60e51d681563", "file--e3608cba-7104-426c-9d9b-b5ce50b2329c", "file--2ad8d026-3480-42d7-9e5d-3a2f5996881e", "file--c8fd1e76-df34-49f1-bcf6-9596fae13929", "file--15a4dd30-3311-4187-be0e-b2381d19ff47", "file--d34d036f-5a75-45aa-8230-2423acb3b9bd", "file--96d081d8-985f-4ac3-ad6b-1d714f048870", "file--9392560d-f516-48a1-b753-02e83ed79d0a", "file--c1ccf025-86ea-4b79-a5f8-0307d2837c89", "file--af2eb166-6966-4264-a8b3-ee9163018bb7", "file--c6969b8f-a13e-4de2-b065-9c3b2bd4206f", "file--036c3b3f-5131-4f03-8c60-af2603949a72", "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b" ], "external_references": [ { "source_name": "source", "url": "https://www.rewterz.com/threat-advisory/lazarus-group-uses-cookieplus-malware-to-target-nuclear-engineers-active-iocs" } ] } ] }