← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Mach-O Man Malware: What CISOs Need to Know
WHITE Lazarus Group Tr1sa111 2026-04-23 Modified: 2026-05-22
16
IOCs
MEDIUM VOLUME
mach-o manbrowser stealingpylangghostratsocial engineeringmacosmach-o binariestelegram exfiltrationcredential theftclickfixfintech targeting
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Mach-O Man PyLangGhostRAT
Indicators of Compromise (16)
All FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 0f41fd82cac71e27c36eb90c0bf305d6006b4f3d59e8ba55faeacbe62aadef90 2026-04-23
FileHash-SHA256 24af069b8899893cfc7347a4e5b46d717d77994a4b140d58de0be029dba686c9 2026-04-23
FileHash-SHA256 4b08a9e221a20b8024cf778d113732b3e12d363250231e78bae13b1f1dc1495b 2026-04-23
FileHash-SHA256 85bed283ba95d40d99e79437e6a3161336c94ec0acbc0cd38599d0fc9b2e393c 2026-04-23
FileHash-SHA256 871d8f92b008a75607c9f1feb4922b9a02ac7bd2ed61b71ca752a5bed5448bf3 2026-04-23
FileHash-SHA256 89616a503ffee8fc70f13c82c4a5e4fa4efafa61410971f4327ed38328af2938 2026-04-23
FileHash-SHA256 a73ce18952b40fd621789e43c56b2af08d1497ce3560b2481fa973d8265ce491 2026-04-23
FileHash-SHA256 a9562ab6bce06e92d4e428088eacc1e990e67ceae6f6940047360261b5599614 2026-04-23
FileHash-SHA256 cc31b3dc8aeed0af9dd24b7e739f183527d55d5b5ecd3d93ba45dd4aaa8ba260 2026-04-23
FileHash-SHA256 dfee6ea9cafc674b93a8460b9e6beea7f0eb0c28e28d1190309347fd1514dbb6 2026-04-23
FileHash-SHA256 eb3eae776d175f7fb2fb9986c89154102ba8eabfde10a155af4dfb18f28be1b5 2026-04-23
URL http://172.86.113.102/localencode 2026-04-23
URL http://livemicrosft.com/meet/89035563931?p=9jXK14VFM8fObdKxfkake8tD7rPhzs.1 2026-04-23
URL http://update-teams.live/teams 2026-04-23
domain livemicrosft.com 2026-04-23
domain update-teams.live 2026-04-23
References (1)
↗ https://any.run/cybersecurity-blog/lazarus-macos-malware-mach-o-man/