BLINDINGCAN
Essential information
- Confidence
- 100/100
- Is family
- Yes
- Published
- 27/10/2020 19:45
- Modified
- 27/03/2026 01:02
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Related entities
- 53 attack patterns (mitre), 2 intrusion sets (apt), 8 sectors, 6 countries, 45 indicators, 1 vulnerabilities (cve), 1 reports
Description
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (53)
Intrusion sets (APT) (2)
-
The MITRE Corporation Confidence 100
[Lazarus Group](https://attack.mitre.org/groups/G0032) is a North Korean state-sponsored cyber threat group attributed to the Reconnaissance General Bureau (RGB). (Citation: US-CERT HIDDEN COBRA June 2017) (Citation: Treasury North Korean Cyber…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Lazarus usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (8)
-
Defense targets
-
Road transport targets
-
Universities targets
-
Government targets
-
Media targets
-
Air transport targets
-
Political parties targets
-
Technology targets
Countries (6)
-
Taiwan targets
-
Belgium targets
-
Hong Kong targets
-
Cyprus targets
-
United States of America targets
-
Netherlands targets
Indicators (45)
-
stix 100/100 Revoked
SHA256 of b23b0de308e55cbf14179d59adee5fcb
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SLF:SCPT:OffRelAttachedTemplateHttp.A SHA256 of 56470e113479eacda081c2eeead153bf
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SHA256 of 5f4fbd57319bd0d2df31131e864fdda9590a652d
· Valid until 07/01/2024 · Source: AlienVault -
stix 100/100 Revoked
LZMA SHA256 of 075fba0c098d86d9f22b8ea8c3033207
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
TELPER:Trojan:Win32/ShortWick.B!dha SHA256 of dd185e2bb02b21e59fb958a4e12689a7
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SLF:SCPT:OffRelAttachedTemplateHttp.A SHA256 of 4c239a926676087e31d82e79e838ced1
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SLF:SCPT:OffRelAttachedTemplateHttp.A SHA256 of 2449f61195e39f6264d4244dfa1d1613 SHA256 of 2449f61195e39f6264d4244dfa1d1613
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
LZMA SHA256 of e9d89d1364bd73327e266d673d6c8acf
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/11/2022 · Source: AlienVault
Vulnerabilities (CVE) (1)
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.
- Published
- 31/03/2022
- Modified
- 29/05/2026
Reports (1)
-
Confidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools