Contopee

Description

(SecurityWeek) Aside from commonalities in the tools used to spread WannaCry, there are also a number of links between WannaCry itself and Lazarus. The ransomware shares some code with Backdoor.Contopee, malware that has previously been linked to Lazarus. One variant of Contopee uses a custom SSL implementation, with an identical cipher suite, which is also used by WannaCry. The cipher suite in both samples has the same set of 75 different ciphers to choose from (as opposed to OpenSSL where there are over 300).

Names

Name
Contopee
WHITEOUT

Type

Backdoor

Information

https://www.securityweek.com/wannacry-highly-likely-work-north-korean-linked-hackers-symantec-says

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.contopee

Other Information

Uuid

673de8e6-d8c0-4a01-882d-91f2007c751a

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

Contopee

Contopee

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks