← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
WHITE Lazarus tr2222200 2023-04-24 Modified: 2023-04-24
42
IOCs
MEDIUM VOLUME
lazaruslinuxsimplexteawindowsbadcallsimpleseaodicloadersimplextea linuxlinux dreamjobmacossimplesea macosiconicloadervirustotaleset researchmarchfigureiconicstealerfebruaryaprilfirstaugustupdateagentmalwareopenpodcast
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
IconicLoader SIMPLESEA macOS macOS Linux DreamJob SimplexTea Linux OdicLoader SIMPLESEA BADCALL Windows Linux SimplexTea
Indicators of Compromise (11 / 42 total)
All IPv4 FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 3cf7232e5185109321921046d039cf10 2023-04-24
FileHash-MD5 451c23709ecd5a8461ad060f6346930c MD5 of 58b0516d28bd7218b1908fb266b8fe7582e22a5f MD5 of 58b0516d28bd7218b1908fb266b8fe7582e22a5f 2023-04-24
FileHash-MD5 6426fe4dc604c7f1784ed1d48ab4ffc8 MD5 of 3b88cda62cdd918b62ef5aa8c5a73a46f176d18b 2023-04-24
FileHash-MD5 760c35a80d758f032d02cf4db12d3e55 MD5 of 1c66e67a8531e3ff1c64ae57e6edfde7bef2352d 2023-04-24
FileHash-MD5 76111d9780b2d0b5adee61cf752d937e MD5 of 5b03294b72c0caa5fb20e7817002c600645eb475 2023-04-24
FileHash-MD5 9e4d9edb07c348b10863d89b6bb08141 MD5 of 65122e5129fc74d6b5ebafcc3376abae0145bc14 MD5 of 65122e5129fc74d6b5ebafcc3376abae0145bc14 2023-04-24
FileHash-MD5 aac5a52b939f3fe792726a13ff7a1747 2023-04-24
FileHash-MD5 af2bc70f1c97a2f583f7b87aea3c8a6c MD5 of 7491bd61ed15298ce5ee5ffd01c8c82a2cdb40ec 2023-04-24
FileHash-MD5 c01dc42f65acaf1c917c0cc29ba63adc MD5 of d288766fa268bc2534f85fd06a5d52264e646c47 MD5 of d288766fa268bc2534f85fd06a5d52264e646c47 2023-04-24
FileHash-MD5 cedb9cdbad254f60cfb215b9bff84fb9 2023-04-24
FileHash-MD5 fc41cb8425b6432af8403959bb59430d 2023-04-24
References (1)
↗ https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/