While the filename suggests a guide on poker tactics, the file is actually designed to deliver malware to specific targets, often in the cryptocurrency or online gambling sectors [2, 3].

Summary of the Threat

Threat Actor: Lazarus Group (APT38) [1].

Infection chain:

1. The user downloads and extracts Poker Stratigy.7z. It contains a legitimate-looking but malicious application [2].
2. When the user runs the "poker" application, the legitimate program automatically loads the malicious DLL from the same directory, a technique called DLL Side-Loading [2].
3. Once active, the malware connects to a Command and Control (C2) server to download further payloads, such as:
   - Trojanized Downloader: to fetch more specialized tools.
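The side-loading step above is the point a defender can most readily detect: a legitimate, signed executable running out of a user-writable folder and loading a DLL from that same folder. The script below is an added example (not from the original post or from any of the cited reports) that applies that heuristic to image-load records shaped like the fields of Sysmon Event ID 7 (Image, ImageLoaded, Signed, SignatureStatus). All file paths and event records in it are constructed for illustration; the directory prefixes treated as user-writable are an assumption you should adapt to your environment.

```python
"""Flag candidate DLL side-loading from Sysmon-style image-load records.

Heuristic: a DLL is suspicious when it is loaded from the same directory as
the executable that loaded it AND that directory is user-writable (Downloads,
Temp, ProgramData, ...). An unsigned or invalidly signed DLL raises severity.
"""
from pathlib import PureWindowsPath

# Constructed sample records mirroring Sysmon Event ID 7 fields.
# None of these paths refer to real files; they exist only for this example.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\Poker Stratigy\poker.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\Poker Stratigy\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\alice\Downloads\Poker Stratigy\poker.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\Vendor\app.exe",
     "ImageLoaded": r"C:\Program Files\Vendor\plugin.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\version.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
]

# Assumed set of user-writable roots; tune for your own baseline.
USER_WRITABLE_PREFIXES = ("c:\\users\\", "c:\\programdata\\", "c:\\temp\\")


def is_user_writable(path: str) -> bool:
    """True when the path sits under a directory ordinary users can write to."""
    return path.lower().startswith(USER_WRITABLE_PREFIXES)


def same_directory(image: str, loaded: str) -> bool:
    """True when both files live in the same folder (case-insensitive on Windows)."""
    return PureWindowsPath(image).parent == PureWindowsPath(loaded).parent


def sideload_candidates(events):
    """Return a list of findings for events matching the side-loading heuristic."""
    findings = []
    for ev in events:
        image, dll = ev["Image"], ev["ImageLoaded"]
        if not dll.lower().endswith(".dll"):
            continue                      # only DLL loads are of interest here
        if not same_directory(image, dll):
            continue                      # loaded from elsewhere (e.g. System32)
        if not is_user_writable(dll):
            continue                      # installed software loading its own DLLs
        signed_ok = (ev.get("Signed", "").lower() == "true"
                     and ev.get("SignatureStatus", "") == "Valid")
        findings.append({
            "image": image,
            "dll": dll,
            "unsigned": not signed_ok,
            "severity": "high" if not signed_ok else "medium",
        })
    return findings


def main():
    for f in sideload_candidates(SAMPLE_EVENTS):
        print(f"[{f['severity'].upper()}] {f['image']} loaded {f['dll']}"
              f" (unsigned={f['unsigned']})")


if __name__ == "__main__":
    main()
```

Run as-is, the script reports the Downloads case as high severity (unsigned DLL beside the executable) and the Temp case as medium (signed DLL, but still loaded from a user-writable folder); the System32 load and the Program Files load are dropped by the directory checks. A production rule would add the loading process's own signer and a baseline of known-good vendor folders to keep the medium-severity bucket manageable.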