Lazarus Group's ScoringMathTea RAT: Deep-Dive Analysis

A new technical analysis by malware researcher 0x0d4y reveals the inner workings of ScoringMathTea, a sophisticated RAT attributed to the Lazarus Group. The RAT features a modular architecture, advanced obfuscation techniques, and a reflective plugin loader designed to evade detection. The analysis builds on previous research uncovering a campaign targeting UAV technology developers. ScoringMathTea's capabilities include remote command execution, dynamic API resolution, and multi-layered C2 encryption. The malware's sophistication underscores the technical investment by state-aligned threat actors in pursuit of strategic intelligence.