← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
cloning so mine dont go missing clone arek-btc credit Malware para Linux vincula a Lazarus con el ataque a la cadena de suministro de 3CX CREATED 10 MONTHS AGO MODIFIED 9 MONTHS AGO by Arek-BTC
WHITE Lazarus msudosos 2026-04-06 Modified: 2026-04-06
198
IOCs
HIGH VOLUME
this softwareincludingbut notlimited tocopyrightesetredistributionis providedby theas isdirectdamageemotet payloadf8 b9emotetc0 c3c0 c7c3 b8ce e8cf e8f3 ffdc ffsha256vhashrich pessdeepaaaadocument filev2 documentcrlf lineunicode textutf8rgbams windowsvista eventfile v2documentdefenderlinuxlazarussimplexteafigurastrongbadcallvirustotalopendrivewindowsc servercoreagopuramiconicstealercrisismalwarecoldcatdanabotlumma stealerupdateagenttwittertaxhaulcomofirstphishingexecutionesteodicloaderuploadiconicloadertabla 1
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Windows OdicLoader Linux Upload IconicLoader Tabla 1 BADCALL SimplexTea Figura
Indicators of Compromise (17 / 198 total)
All YARA URL email hostname FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain CVE SSLCertFingerprint
TYPEINDICATORDESCRIPTIONCREATED
URL https://www.welivesecurity.com/ 2026-04-06
URL https://github.com/eset/malware-ioc/ 2026-04-06
URL https://journalide.org/djour.php 2026-04-06
URL http://23.254.211.230:25 2026-04-06
URL http://23.254.211.230:443 2026-04-06
URL http://23.254.211.230:587 2026-04-06
URL http://23.254.211.230:80 2026-04-06
URL http://glassdoornews.com 2026-04-06
URL http://mezlan.me/ 2026-04-06
URL http://plankproductions.com/ 2026-04-06
URL http://zevegan.com/ 2026-04-06
URL https://23.254.211.230:443 2026-04-06
URL https://glassdoornews.com 2026-04-06
URL https://labs.inquest.net/dfi/hash/f9b62b2aee5937e4d7f33f04f52ad5b05c4a1ccde6553e18909d2dc0cb595209 2026-04-06
URL http://en.wikipedia.org/wiki/Windows_API 2026-04-06
URL https://github.com/eset/malware-ioc/ 2026-04-06
URL https://www.welivesecurity.com/ 2026-04-06
References (1)
↗ http://dlvr.it/Sn3dHM