S0349 · threatengine.sh

Home/Tool / Malware/LaZagne

Tool / Malware

LaZagne

S0349 · Linux, macOS, Windows

LaZagne is a post-exploitation, open-source tool used to recover stored passwords on a system. It has modules for Windows, Linux, and OSX, but is mainly focused on Windows systems. LaZagne is publicly available on GitHub.

ATT&CK S0349 22 actors documented 1 indicators

Sigma rules3 YARA rules3 Live IOCs1

◆

Actors Using This

chinaMustang Panda
chinaFlax Typhoon
chinaGALLIUM
russiaGamaredon Group
north_koreaKimsuky
iranMuddyWater
chinaSalt Typhoon
chinaSilk Typhoon
chinaToddyCat
chinaAPT10
chinaAPT31
iranAPT35
north_koreaAPT37
chinaTropic Trooper
north_koreaAndariel
iranAPT33
iranAPT39
north_koreaContagious Interview
chinaNaikon
iranOilRig
north_koreaAPT38
chinaAPT40

⚊

Live Indicators

1 total

Indicators are defanged for safe handling. Newest first.

Show indicators (1)

urlhxxp://195.16.44.75:8080/LaZagne.exe2026-02-23 07:12:20 UTC

Aliases

LaZagne

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

MITRE ATT&CK Malpedia MalwareBazaar ThreatFox

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin