SYMBOLCOMMON_NAMEaka. SYNONYMS
py.lazagne (Back to overview)

LaZagne

The author described LaZagne as an open source project used to retrieve lots of passwords stored on a local computer. It has been developed for the purpose of finding these passwords for the most commonly-used software. It is written in Python and provided as compiled standalone binaries for Linux, Mac, and Windows.

References
2023-04-03MandiantJASON DEYALSINGH, NICK SMITH, Eduardo Mattos, Tyler McLellan, Nick Richard
@online{deyalsingh:20230403:alphv:04f0dfa, author = {JASON DEYALSINGH and NICK SMITH and Eduardo Mattos and Tyler McLellan and Nick Richard}, title = {{ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access}}, date = {2023-04-03}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/alphv-ransomware-backup}, language = {English}, urldate = {2023-04-22} } ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
LaZagne BlackCat MimiKatz
2022-10-03Kaspersky LabsGReAT
@online{great:20221003:defttorero:da8a03c, author = {GReAT}, title = {{DeftTorero: tactics, techniques and procedures of intrusions revealed}}, date = {2022-10-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/}, language = {English}, urldate = {2022-10-07} } DeftTorero: tactics, techniques and procedures of intrusions revealed
Nightrunner Tunna ASPXSpy LaZagne ExplosiveRAT reGeorg Volatile Cedar
2022-06-20Infinitum ITinfinitum IT
@online{it:20220620:charming:b356ff2, author = {infinitum IT}, title = {{Charming Kitten (APT35)}}, date = {2022-06-20}, organization = {Infinitum IT}, url = {https://www.infinitumit.com.tr/apt-35/}, language = {Turkish}, urldate = {2022-06-22} } Charming Kitten (APT35)
LaZagne DownPaper MimiKatz pupy
2022-05-17Trend MicroTrend Micro Research
@online{research:20220517:ransomware:7b86339, author = {Trend Micro Research}, title = {{Ransomware Spotlight: RansomEXX}}, date = {2022-05-17}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-ransomexx}, language = {English}, urldate = {2022-05-25} } Ransomware Spotlight: RansomEXX
LaZagne Cobalt Strike IcedID MimiKatz PyXie RansomEXX TrickBot
2022-05-09The DFIR ReportThe DFIR Report
@online{report:20220509:seo:cc8b1c2, author = {The DFIR Report}, title = {{SEO Poisoning – A Gootloader Story}}, date = {2022-05-09}, organization = {The DFIR Report}, url = {https://thedfirreport.com/2022/05/09/seo-poisoning-a-gootloader-story/}, language = {English}, urldate = {2022-06-09} } SEO Poisoning – A Gootloader Story
GootLoader LaZagne Cobalt Strike GootKit
2021-01-09Marco Ramilli's BlogMarco Ramilli
@online{ramilli:20210109:command:d720b27, author = {Marco Ramilli}, title = {{Command and Control Traffic Patterns}}, date = {2021-01-09}, organization = {Marco Ramilli's Blog}, url = {https://marcoramilli.com/2021/01/09/c2-traffic-patterns-personal-notes/}, language = {English}, urldate = {2021-05-17} } Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot
2020-11-30YoroiLuigi Martire, Antonio Pirozzi, Luca Mella
@online{martire:20201130:shadows:2ef4813, author = {Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Shadows From The Past Threaten Italian Enterprises}}, date = {2020-11-30}, organization = {Yoroi}, url = {https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/}, language = {English}, urldate = {2021-06-16} } Shadows From The Past Threaten Italian Enterprises
Rekoobe LaZagne Responder MimiKatz win.rekoobe
2020-11-20Trend MicroAbraham Camba, Bren Matthew Ebriega, Gilbert Sison
@online{camba:20201120:weaponizing:e15699d, author = {Abraham Camba and Bren Matthew Ebriega and Gilbert Sison}, title = {{Weaponizing Open Source Software for Targeted Attacks}}, date = {2020-11-20}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/k/weaponizing-open-source-software-for-targeted-attacks.html}, language = {English}, urldate = {2020-11-23} } Weaponizing Open Source Software for Targeted Attacks
LaZagne Defray PlugX
2020-09-14Github (AlessandroZ)AlessandroZ
@online{alessandroz:20200914:lazagne:b0b9e44, author = {AlessandroZ}, title = {{The LaZagne Project !!!}}, date = {2020-09-14}, organization = {Github (AlessandroZ)}, url = {https://github.com/AlessandroZ/LaZagne}, language = {English}, urldate = {2020-10-28} } The LaZagne Project !!!
LaZagne
2020-08Group-IBGroup-IB
@techreport{groupib:202008:redcurl:f95e316, author = {Group-IB}, title = {{RedCurl: The pentest you didn’t know about}}, date = {2020-08}, institution = {Group-IB}, url = {https://edu.anarcho-copy.org/Against%20Security%20&%20%20Self%20Security/Group-IB%20RedCurl.pdf}, language = {English}, urldate = {2021-03-02} } RedCurl: The pentest you didn’t know about
LaZagne
2020-05-08MITREMITRE ATT&CK
@online{attck:20200508:inception:a4454ac, author = {MITRE ATT&CK}, title = {{Inception}}, date = {2020-05-08}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0100/}, language = {English}, urldate = {2022-07-05} } Inception
PowerShower LaZagne
2020-05-08MITREMITRE ATT&CK
@online{attck:20200508:inception:354e1e3, author = {MITRE ATT&CK}, title = {{Inception}}, date = {2020-05-08}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0100}, language = {English}, urldate = {2022-08-26} } Inception
PowerShower LaZagne Inception Framework

There is no Yara-Signature yet.