Volgmer
Essential information
- Confidence: 100/100
- Is family: Yes
- Published: 16/01/2018 17:13
- Modified: 27/03/2026 01:03
- Revoked: No
- Author / Source: The MITRE Corporation
- Related entities: 27 attack patterns (MITRE), 2 intrusion sets (APT), 13 indicators, 1 report
Description
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (27)
- T1566 Phishing · Relationship: uses · Source: MITRE
- T1547 Boot or Logon Autostart Execution · Relationship: uses · Source: MITRE
- T1012 Query Registry · Relationship: uses · Source: MITRE
- T1112 Modify Registry · Relationship: uses · Source: MITRE
- T1070.004 File Deletion · Relationship: uses · Source: MITRE
- T1070 Indicator Removal · Relationship: uses · Source: MITRE
- T1083 File and Directory Discovery · Relationship: uses · Source: MITRE
- T1106 Native API · Relationship: uses · Source: MITRE
- T1059.003 Windows Command Shell · Relationship: uses · Source: MITRE
- T1057 Process Discovery · Relationship: uses · Source: MITRE
- T1573.002 Asymmetric Cryptography · Relationship: uses · Source: MITRE
Intrusion sets (APT) (2)
- Lazarus · Relationship: uses · Source: AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- Lazarus Group · Source: The MITRE Corporation · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
  [Lazarus Group](https://attack.mitre.org/groups/G0032) is a North Korean state-sponsored cyber threat group attributed to the Reconnaissance General Bureau (RGB). (Citation: US-CERT HIDDEN COBRA June 2017) (Citation: Treasury North Korean Cyber…
Indicators (13)
- stix · 100/100 · Revoked · Armadillov1xxv2xx · SHA256 of 9a5fa5c5f3915b2297a1c379be9979f0 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 570a4253ae80ee8c2b6b23386e273f3a · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · Armadillov1xxv2xx · SHA256 of 64965a88e819fb93dbabafc4e3ad7b6c · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 5dd1ccc8fb2a5615bf5656721339efed · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of b1225fa644eebafba07f0f5e404bd4fd · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · Backdoor:Win32/Joanap.I!dha · SHA256 of 35f9cfe5110471a82e330d904c97466a · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · Backdoor:Win32/Joanap.I!dha · SHA256 of e3d03829cbec1a8cca56c6ae730ba9a8 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 5473fa2c5823fbab2b94e8d5c44bc7b4 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of b517e7ad07d1182feb4b8f61549ff233 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 1ecd83ee7e4cfc8fed7ceb998e75b996 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 4753679cef5162000233d69330208420 · Valid until 18/01/2025 · Source: AlienVault
- stix · 100/100 · Revoked · SHA256 of 72756e6ebb8274d9352d8d1e7e505906 · Valid until 18/01/2025 · Source: AlienVault
Reports (1)
- Confidence 100 · 18 CVEs · 200 MITREs · 200 Malwares · 20 APTs · 26 Tools