LET'S BURN SOME North Korean info
You know what? Today I woke up strange.
So LET'S BURN SOME North Korean info! Let's see how their backend works. Shall we? I am going to yolo explain what is happening here (as with most of my research), and if my ADHD mind does not disrupt me it should take 10 minutes!
Vangelis tix Stykas
@evstykas
Jun 18
Wanna see a magic trick?
#apt #NorthKorea #DPRK and other scary hashtags apply!
https://gist.github.com/tix/a0c306c788c40271e1d3d523ee28bf6c… Here is a gist with a gist of the backend server code that will serve the malware. Take your time and read the code (if you are bored like me, feed it to ChatGPT and it will mostly explain it to you).
notlazarus.js
What are the interesting parts?
1) We can see all the emails from threat actors. Those are emails that will receive emails (that we will see …