SYMBOL: osx.manuscrypt
COMMON_NAME: Manuscrypt
aka. SYNONYMS:

Actor(s): Lazarus Group


There is no description at this point.

References
2021-03-21 | Blackberry | Blackberry Research
2021 Threat Report
Bashlite, FritzFrog, IPStorm, Mirai, Tsunami, elf.wellmess, AppleJeus, Dacls, EvilQuest, Manuscrypt, Astaroth, BazarBackdoor, Cerber, Cobalt Strike, Emotet, FinFisher RAT, Kwampirs, MimiKatz, NjRAT, Ryuk, SmokeLoader, TrickBot

2020-12-11 | PWC UK | Twitter (@BitsOfBinary)
Tweet on macOS Manuscrypt samples
Manuscrypt

2020-11-27 | Microstep Intelligence Bureau | Microstep online research response team
Wallet Black Hole: The Lazarus Group's Recent Covert Attack Activity Targeting Cryptocurrency
Manuscrypt

2020-10-28 | Twitter (@BitsOfBinary) | John
Tweet on macOS version of Manuscrypt
Manuscrypt

Yara Rules
[TLP:WHITE] osx_manuscrypt_w0 (20201203 | No description)
rule osx_manuscrypt_w0 {

    meta:
        author = "AT&T Alien Labs"
        sha256 = "ccb5dc3a0e55e640fab5d6b6ac823328700836bcbe6423632428a0ead7436caf"
        tlp = "WHITE"
        malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/osx.manuscrypt"
        malpedia_rule_date = "20201203"
        malpedia_hash = ""
        malpedia_version = "20201203"
        malpedia_sharing = "TLP:WHITE"
        malpedia_license = ""

    strings:
        // ASCII: "Cookie: _ga=%s%02d%d%d%02d%s" (format string for an HTTP Cookie header)
        $s = { 436f6f6b69653a205f67613d25732530326425642564253032642573 }

    condition:
        all of them
}