← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Three Lazarus RATs coming for your cheese – Fox-IT International blog
WHITE Lazarus mengkuong 2025-09-03 Modified: 2025-10-03
80
IOCs
HIGH VOLUME
A team of researchers from Fox-IT and NCC Group has identified and identified the Lazarus cyber-attack group, which targets companies active in the cryptocurrency sector and financial services sector in 2024 and 2025.
pondratthemeforestratpoolratremotepec2 serverwindowslinuxfigureperfhloaderratstelegramlazaruspythonformatsequelvirustotalwindowquasarfacebooksessionenvapplejeusmacos
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
SessionEnv AppleJeus Linux macOS Windows Lazarus
Indicators of Compromise (10 / 80 total)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL YARA domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 19dbffec4e359a198daf4ffca1ab9165 MD5 of 24d5dd3006c63d0f46fb33cbc1f576325d4e7e03e3201ff4a3c1ffa604f1b74a 2025-09-03
FileHash-MD5 23c2569a65870a9e412d98d5b3bdc554 MD5 of 159471e1abc9adf6733af9d24781fbf27a776b81d182901c2e04e28f3fe2e6f3 2025-09-03
FileHash-MD5 33c9a47debdb07824c6c51e13740bdfe MD5 of 973f7939ea03fd2c9663dafc21bb968f56ed1b9a56b0284acf73c3ee141c053c 2025-09-03
FileHash-MD5 435c7b4fd5e1eaafcb5826a7e7c16a83 2025-09-03
FileHash-MD5 451c23709ecd5a8461ad060f6346930c MD5 of 5e40d106977017b1ed235419b1e59ff090e1f43ac57da1bb5d80d66ae53b1df8 2025-09-03
FileHash-MD5 6f2f61783a4a59449db4ba37211fa331 2025-09-03
FileHash-MD5 75a46b23825ce7aa4ca297d93450f4e2 MD5 of aa4a2d1215f864481994234f13ab485b95150161b4566c180419d93dda7ac039 2025-09-03
FileHash-MD5 7cc55f3cc2740e8818648efbec21615f 2025-09-03
FileHash-MD5 893fed20a939e613f2b108096573eb8b MD5 of 9dddf5a1d32e3ba7cc27f1006a843bfd4bc34fa8a149bcc522f27bda8e95db14 2025-09-03
FileHash-MD5 d3ee425502cb60db1e75ef5bfd232c72 MD5 of 8c3c8f24dc0c1d165f14e5a622a1817af4336904a3aabeedee3095098192d91f 2025-09-03
References (1)
↗ https://blog.fox-it.com/2025/09/01/three-lazarus-rats-coming-for-your-cheese/