LazyScripter
Essential information
- Confidence
- 100/100
- Published
- 16/12/2025 19:39
- Modified
- 27/03/2026 01:14
- Updated at
- 27/03/2026 01:14
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Resource level
- —
- Primary motivation
- —
- Related entities
- 20 attack patterns (mitre), 2 malware, 5 tool
Description
Marking (TLP)
Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (20)
-
T1105 usesIngress Tool Transfer
-
T1204.001 usesMalicious Link
-
T1566.001 usesSpearphishing Attachment
-
T1566.002 usesSpearphishing Link
-
T1059.007 usesJavaScript
-
T1204.002 usesMalicious File
-
Command Obfuscation uses
-
T1218.011 usesRundll32
-
T1071.004 usesDNS
-
T1059.001 usesPowerShell
-
T1102 usesWeb Service
-
T1588.001 usesMalware
-
T1547.001 usesRegistry Run Keys / Startup Folder
-
T1036 usesMasquerading
-
T1218.005 usesMshta
-
T1059.005 usesVisual Basic
-
T1583.001 usesDomains
-
T1608.001 usesUpload Malware
-
T1059.003 usesWindows Command Shell
-
T1583.006 usesWeb Services
Malware (2)
-
NJRat usesFamilyPublished 05/03/2025 11:12 · Modified 05/03/2025 11:12
- KOCTOPUS
Tool (5)
-
QuasarRAT usesThe MITRE Corporation Confidence 100
[QuasarRAT](https://attack.mitre.org/software/S0262) is an open-source, remote access tool that has been publicly available on GitHub since at least 2014. [QuasarRAT](https://attack.mitre.org/software/S0262) is developed in the C# language.(Citation: GitHub QuasarRAT)(Citation: Volexity …
Published 17/10/2018 02:14 · Modified 27/03/2026 01:07 -
ngrok usesThe MITRE Corporation Confidence 100
[ngrok](https://attack.mitre.org/software/S0508) is a legitimate reverse proxy tool that can create a secure tunnel to servers located behind firewalls or on local machines that do not have a public …
Published 14/09/2023 20:56 · Modified 27/03/2026 01:07 -
Remcos usesThe MITRE Corporation Confidence 100
[Remcos](https://attack.mitre.org/software/S0332) is a closed-source tool that is marketed as a remote control and surveillance software by a company called Breaking Security. [Remcos](https://attack.mitre.org/software/S0332) has been observed being used in …
Published 29/01/2019 19:55 · Modified 27/03/2026 01:07 -
Koadic usesThe MITRE Corporation Confidence 100
[Koadic](https://attack.mitre.org/software/S0250) is a Windows post-exploitation framework and penetration testing tool that is publicly available on GitHub. [Koadic](https://attack.mitre.org/software/S0250) has several options for staging payloads and creating implants, and performs …
Published 17/10/2018 02:14 · Modified 27/03/2026 01:07 -
Empire usesThe MITRE Corporation Confidence 100
[Empire](https://attack.mitre.org/software/S0363) is an open-source, cross-platform remote administration and post-exploitation framework that is publicly available on GitHub. While the tool itself is primarily written in Python, the post-exploitation agents …
Published 11/03/2019 15:13 · Modified 27/03/2026 01:07