BLINDINGCAN
Essential information
- Confidence
- 100/100
- Is family
- Yes
- Published
- 27/10/2020 19:45
- Modified
- 27/03/2026 01:02
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Related entities
- 53 attack patterns (mitre), 2 intrusion sets (apt), 8 sectors, 6 countries, 45 indicators, 1 vulnerabilities (cve), 1 reports
Description
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (53)
Intrusion sets (APT) (2)
-
The MITRE Corporation Confidence 100
[Lazarus Group](https://attack.mitre.org/groups/G0032) is a North Korean state-sponsored cyber threat group attributed to the Reconnaissance General Bureau (RGB). (Citation: US-CERT HIDDEN COBRA June 2017) (Citation: Treasury North Korean Cyber…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Lazarus usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (8)
-
Defense targets
-
Road transport targets
-
Universities targets
-
Government targets
-
Media targets
-
Air transport targets
-
Political parties targets
-
Technology targets
Countries (6)
-
Taiwan targets
-
Belgium targets
-
Hong Kong targets
-
Cyprus targets
-
United States of America targets
-
Netherlands targets
Indicators (45)
-
stix 100/100 Revoked
SHA256 of 9fd35bad075c2c70678c65c788b91bc3 SHA256 of 9fd35bad075c2c70678c65c788b91bc3
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SHA256 of 11fdc0be9d85b4ff1faf5ca33cc272ed
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
LZMA SHA256 of 59cb8474930ae7ea45b626443e01b66d
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
TEL:Trojan:Win32/MeterLoad SHA256 of 14d79cd918b4f610c1a6d43cadeeff7b
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
stack_string SHA256 of eb2dc282ad3ab29c1853d4f6d09bec4f SHA256 of eb2dc282ad3ab29c1853d4f6d09bec4f
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/11/2022 · Source: AlienVault
-
stix 100/100 Revoked
Win32:Evo-gen\ [Susp] SHA256 of 64e5acf43613cd10e96174f36cb1d680
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SHA256 of f6d6f3580160cd29b285edf7d0c647ce
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
stack_string SHA256 of 2b02465b65024336a9e15d7f34c1f5d9 SHA256 of 2b02465b65024336a9e15d7f34c1f5d9
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
Zeppelin_37 SHA256 of 84cd4d896748e2d52e2e22d1a4b9ee46
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/11/2022 · Source: AlienVault
-
stix 100/100 Revoked
SHA256 of 25b37c971fd7e9e50e45691aa86e5f0a
· Valid until 15/07/2024 · Source: AlienVault
Vulnerabilities (CVE) (1)
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.
- Published
- 31/03/2022
- Modified
- 29/05/2026
Reports (1)
-
Confidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools