lazarusholic

Lazarus Group Targets Crypto-Wallets and Financial Data while employing new Tradecrafts

2025-05-27, AlessioDiSanto
https://arxiv.org/abs/2505.21725
#BeaverTail #InvisibleFerret #Lazarus

Computer Science > Cryptography and Security
[Submitted on 27 May 2025 (v1), last revised 30 Jun 2025 (this version, v2)]
Abstract: This report presents a comprehensive analysis of a malicious software sample, detailing its architecture, behavioral characteristics, and underlying intent. Through static and dynamic examination, the malware's core functionalities, including persistence mechanisms, command-and-control communication, and data exfiltration routines, are identified and its supporting infrastructure is mapped. By correlating observed indicators of compromise with known techniques, tactics, and procedures, this analysis situates the sample within the broader context of contemporary threat campaigns and infers the capabilities and motivations of its likely threat actor.
Building on these findings, actionable threat intelligence is provided to support proactive defenses. Threat hunting teams receive precise detection hypotheses for uncovering latent adversarial presence, while monitoring systems can refine alert logic to detect anomalous activity in real time. …