Intezer - Intezer Analyze Community Roundup

Intezer Analyze community roundup

Written by Intezer
Join our free communityGet started
Share Article

Maze ransomware, APT41 and Lazarus highlight this month’s community samples

1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms and other code changes

2. Penguin Turla sample shares 75 percent of its code with a sample first reported by Kaspersky in 2014

3. DragonOK (Chinese APT group) sample compiled in 2016 with no clear classification in VirusTotal shares 90 percent of its code with previously reported samples

4. Mozi malware sample first reported by CenturyLink. Like most IoT botnets this sample shares code with Mirai

5. Maze ransomware gets creative with its PDB paths “C:\Wuhan\Lab\coronashit.pdb”

6. Domestic Kitten first reported by Blackberry shares code with previous Dalvik samples from the same Iranian APT group

7. Carbanak variant unclassified on VirusTotal. Shares over 90 percent of its code with previous samples

8. Destover malware used by Lazarus group

Not an Intezer Analyze community user? Sign up for free at to detect and classify malicious software in seconds.


Revealing the “genetic" origins of software, Intezer introduces a new way to detect and respond to cyber threats. Intezer offers enterprises advanced solutions to detect modern cyber attacks, while providing deep context for effective response.

© 2020 All rights reserved