win.blindtoad

BLINDTOAD

Actor(s): Lazarus Group


BLINDTOAD is a 64-bit Service DLL that loads an encrypted file from disk and executes it in memory.

References
2020-05-04 | ADEO DFIR | ADEO DFIR
APT38 Lazarus Threat Analysis Report
BLINDTOAD ELECTRICFISH

2018-11-20 | Trend Micro | Joelson Soares, Lenart Bermejo
Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
BLINDTOAD

2018-01-01 | FireEye | FireEye
APT38
Bitsran BLINDTOAD BOOTWRECK Contopee DarkComet DYEPACK HOTWAX NESTEGG PowerRatankba REDSHAWL WORMHOLE Lazarus Group

2017-10-16 | BAE Systems | Hirman Muhammad bin Abu Bakar, James Wong, Sergei Shevchenko
Taiwan Heist: Lazarus Tools and Ransomware
BLINDTOAD Lazarus Group

There is no Yara-Signature yet.