SYMBOLCOMMON_NAMEaka. SYNONYMS
win.magic_rat (Back to overview)

MagicRAT

Actor(s): Lazarus Group, Silent Chollima

There is no description at this point.

References
2023-05-25YouTube (BSidesCharm)Asheer Malhotra
@online{malhotra:20230525:its:a79abe4, author = {Asheer Malhotra}, title = {{it’s all Magic(RAT) – A look into recent North Korean nation-state attacks}}, date = {2023-05-25}, organization = {YouTube (BSidesCharm)}, url = {https://www.youtube.com/watch?v=nUjxH1gW53s}, language = {English}, urldate = {2023-08-28} } it’s all Magic(RAT) – A look into recent North Korean nation-state attacks
MagicRAT VSingle YamaBot
2023-02-09NSA, FBI, CISA, HHS, ROK, DSA
@techreport{nsa:20230209:stopransomware:87d3a94, author = {NSA and FBI and CISA and HHS and ROK and DSA}, title = {{#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities}}, date = {2023-02-09}, institution = {}, url = {https://media.defense.gov/2023/Feb/09/2003159161/-1/-1/0/CSA_RANSOMWARE_ATTACKS_ON_CI_FUND_DPRK_ACTIVITIES.PDF}, language = {English}, urldate = {2023-08-25} } #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot
2023-01-05AttackIQFrancis Guibernau, Ken Towne
@online{guibernau:20230105:emulating:04eb5ed, author = {Francis Guibernau and Ken Towne}, title = {{Emulating the Highly Sophisticated North Korean Adversary Lazarus Group}}, date = {2023-01-05}, organization = {AttackIQ}, url = {https://www.attackiq.com/2023/01/05/emulating-the-highly-sophisticated-north-korean-adversary-lazarus-group/}, language = {English}, urldate = {2023-01-10} } Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2022-09-08Cisco TalosJung soo An, Asheer Malhotra, Vitor Ventura
@online{an:20220908:lazarus:236b4b4, author = {Jung soo An and Asheer Malhotra and Vitor Ventura}, title = {{Lazarus and the tale of three RATs}}, date = {2022-09-08}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/09/lazarus-three-rats.html}, language = {English}, urldate = {2023-01-19} } Lazarus and the tale of three RATs
MagicRAT MimiKatz VSingle YamaBot
2022-09-07Cisco TalosJung soo An, Asheer Malhotra, Vitor Ventura
@online{an:20220907:magicrat:efb6a3d, author = {Jung soo An and Asheer Malhotra and Vitor Ventura}, title = {{MagicRAT: Lazarus’ latest gateway into victim networks}}, date = {2022-09-07}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2022/09/lazarus-magicrat.html}, language = {English}, urldate = {2022-09-16} } MagicRAT: Lazarus’ latest gateway into victim networks
MagicRAT Tiger RAT

There is no Yara-Signature yet.