What malware does Lazarus Group use?

Lazarus Group is known to utilize WannaCry, AppleJeus, Brambul, Joanap, Fallchill in their campaigns.

Where is Lazarus Group located?

Lazarus Group originates from North Korea and is classified as State-Sponsored (General Bureau).

Legal Disclaimer:

This platform is for authorized security research and educational purposes ONLY. Scanning assets without explicit permission is illegal.

State-Sponsored APT

Advanced Persistent Threat

Lazarus Group

Origin: North Korea | Active Since: 2009

// AI Dossier Summary

Lazarus Group (also known as APT38 or Hidden Cobra) is a highly sophisticated, state-sponsored advanced persistent threat (APT) originating from North Korea.

// Group Fingerprint

Primary Name: Lazarus Group
Known Aliases: APT38, Hidden Cobra, Zinc, Diamond Sleet
State Sponsor: State-Sponsored (General Bureau)
Motivations: Espionage, Financial Theft, Data Destruction
Primary Targets: Financial Institutions, Cryptocurrency Exchanges, Defense Contractors
Active Since: 2009

// Tradecraft & Arsenal

Known Malware Arsenal

WannaCry
AppleJeus
Brambul
Joanap
Fallchill

Target Industries

Financial Institutions
Cryptocurrency Exchanges
Defense Contractors

MITRE ATT&CK Mapping

T1190Exploit Public-Facing Application
T1059Command and Scripting Interpreter
T1486Data Encrypted for Impact