S0681Windows

S0681Lizar

Platforms
1
ATT&CK
14.1
References
4

Description

[Lizar](https://attack.mitre.org/software/S0681) is a modular remote access tool written using the .NET Framework that shares structural similarities to [Carbanak](https://attack.mitre.org/software/S0030). It has likely been used by [FIN7](https://attack.mitre.org/groups/G0046) since at least February 2021.(Citation: BiZone Lizar May 2021)(Citation: Threatpost Lizar May 2021)(Citation: Gemini FIN7 Oct 2021)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0681
  2. https://bi-zone.medium.com/from-pentest-to-apt-attack-cybercriminal-group-fin7-disguises-its-malware-as-an-ethical-hackers-c23c9a75e319
  3. https://geminiadvisory.io/fin7-ransomware-bastion-secure/
  4. https://threatpost.com/fin7-backdoor-ethical-hacking-tool/166194/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
DRATzarus
Software
JSS Loader
Software
Torisma
Software
Elise
Software
Zox
Software
QuasarRAT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.