https://github.com/jpcertcc/lazarus-research

Lazarus analysis tools and research report
https://github.com/jpcertcc/lazarus-research

malware security

Last synced: about 1 year ago
JSON representation

Lazarus analysis tools and research report

Host: GitHub
URL: https://github.com/jpcertcc/lazarus-research
Owner: JPCERTCC
License: other
Created: 2021-11-24T01:51:07.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2023-12-22T05:40:27.000Z (over 2 years ago)
Last Synced: 2025-03-21T03:03:32.387Z (over 1 year ago)
Topics: malware, security
Language: Python
Homepage:
Size: 6.29 MB
Stars: 55
Watchers: 11
Forks: 11
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: License

Awesome Lists containing this project

README

# Lazarus Research

This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus.

## Tools

Python tools for analyzing malware.

### blindingcan_rc4_post_decode.py

Python script to decode URL parameter for BLINDINGCAN_RC4.

![blindingcan_rc4_post_decode](images/blindingcan_rc4_post_decode.png)

### blindingcan_aes_post_decode.py

Python to decode POST data for BLINDINGCAN_AES.

![blindingcan_aes_post_decode](images/blindingcan_aes_post_decode.png)

## Research results

### Slides

* Hitcon 2021
- https://github.com/JPCERTCC/Lazarus-research/blob/main/slides/HITCON2021_Anatomy-of-COBRA.pdf

* CODE BLUE 2021
- https://github.com/JPCERTCC/Lazarus-research/blob/main/slides/CODEBLUE2021_The-Lazarus-Groups-Attack-Operations-Targeting-Japan.pdf

### TTPs

* MITRE ATT&CK® Mapping for Lazarus Group
- https://github.com/JPCERTCC/Lazarus-research/blob/main/TTP/MITRE_ATT%26CK_Mapping.md

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/jpcertcc/lazarus-research

Awesome Lists containing this project

README