SYMBOLCOMMON_NAMEaka. SYNONYMS
win.quan_pin_loader (Back to overview)

QuanPinLoader

Actor(s): Lazarus Group

According to ESET Research, this is a loader that has the Mandarin Chinese symbol (yang in the Pinyin transliteration) as an icon in the resources. It also contains the string SampleIMESimplifiedQuanPin.txt, which suggests that it is probably based on the open-source project Sample IME, a TSF-based input method editor demo.

References
2025-10-23ESET ResearchAlexis Rapin, Peter Kálnai
Gotta fly: Lazarus targets the UAV sector
QuanPinLoader ScoringMathTea

There is no Yara-Signature yet.