
APT37 New Year Attack

By cyberstruggle in Articles, Delta Group

Executive Summary

This is the analysis report of a sample tied to a campaign conducted against the South Korean Unification Ministry (1 January 2019). We have identified that the malware possesses information collection capabilities. We also suspect that it possesses remote command execution capabilities. Anti-analysis techniques are employed. Considering this information, we are confident that the implant functions as spyware. Although it has several distinctive features, the tradecraft of this implant is similar to that seen in “Operation Kimsuky”.

You can download the report here
