Malware: TYPEFRAME

Description

[TYPEFRAME](https://attack.mitre.org/software/S0263) is a remote access tool that has been used by [Lazarus Group](https://attack.mitre.org/groups/G0032). (Citation: US-CERT TYPEFRAME June 2018)

External References

• mitre-attack
• US-CERT TYPEFRAME June 2018

Techniques Used by This Malware

• T1027.011 — Fileless Storage
• T1027.013 — Encrypted/Encoded File
• T1059.003 — Windows Command Shell
• T1059.005 — Visual Basic
• T1070.004 — File Deletion
• T1082 — System Information Discovery
• T1083 — File and Directory Discovery
• T1090 — Proxy
• T1105 — Ingress Tool Transfer
• T1112 — Modify Registry
• T1140 — Deobfuscate/Decode Files or Information
• T1204.002 — Malicious File
• T1543.003 — Windows Service
• T1562.004 — Disable or Modify System Firewall
• T1571 — Non-Standard Port

APT Groups Using This Malware

• Lazarus Group