LazyScripter

Description

(Malwarebytes) Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth analysis of the tactics, techniques, procedures, and infrastructure employed by this actor group.

Names

Name	Name-Giver
LazyScripter	Malwarebytes

Country

Unknown

Motivation

Information theft and espionage

First Seen

2018

Observed Sectors

Aviation

Observed Countries

Canada

Tools

Adwind
EmpireProject
Empoder
Invoke-Ngrok
Koadic
KOCTOPUS
Luminosity RAT
Nishang
njRAT
Octopus
QuasarRAT
RemcosRAT
RMS

Information

https://resources.malwarebytes.com/files/2021/02/LazyScripter.pdf

Mitre Attack

https://attack.mitre.org/groups/G0140/

Other Information

Uuid

84510b1b-3499-4a9f-bbeb-90b391e3d2cf

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

LazyScripter

LazyScripter

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Tools

Information

Mitre Attack

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks