PULSE NAME
Exposing Attack Operations Utilizing PyPI Against Windows, Linux and macOS Platforms
WHITE APT-C-26 (Lazarus) AlienVault 2024-07-08 Modified: 2024-08-07
75 IOCs (HIGH VOLUME)
The report details the APT-C-26 (Lazarus) group's recent attack campaign utilizing malicious Python packages hosted on the PyPI repository to deliver payloads targeting multiple platforms including Windows, Linux, and macOS. It analyzes the attack flow, delivery methods, and malware components involved, providing insights into the group's tactics and capabilities spanning various operating systems. The report also attributes the activity to the Lazarus group based on evidence linking it to their previous attack patterns and infrastructure.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Comebacker
Indicators of Compromise (32 / 75 total)