2024-11-04
Rewterz
APT37 aka ScarCruft or RedEyes – Active IOCs
#APT37
#RokRAT
APT37
"APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its targeting beyond the Korean peninsula to include Japan, Vietnam and the Middle East, and to a wider range of industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive and healthcare entities"
- malpedia, https://malpedia.caad.fkie.fraunhofer.de/actor/apt37
Also known as
Name | Named by | AKA | First seen | Last seen |
---|---|---|---|---|
APT-C-28 | Qihoo360 | ScarCruft | 2019-06-01 | 2024-04-23 |
APT37 | Mandiant | ScarCruft | 2018-02-20 | 2024-11-06 |
ATK4 | ThalesGroup | APT37 | 2019-10-07 | 2022-05-31 |
BlackShoggoth | PWC | APT37 | 2020-03-03 | 2021-02-28 |
G0067 | MITRE | APT37 | 2018-04-18 | 2018-04-18 |
Group123 | CiscoTalos | ScarCruft | 2018-01-16 | 2023-07-11 |
ITG10 | IBM | ScarCruft | 2021-10-23 | 2023-06-06 |
InkySquid | Volexity | ScarCruft | 2021-08-17 | 2023-01-04 |
NickelFoxcroft | SecureWorks | ScarCruft | - | 2024-10-08 |
RedEyes | Ahnlab | ScarCruft | 2018-02-21 | 2024-05-07 |
RicochetChollima | CrowdStrike | ScarCruft | 2019-02-19 | 2019-02-19 |
ScarCruft | Kaspersky | - | 2016-06-17 | 2024-11-08 |
TEMP.Reaper | Mandiant | ScarCruft | 2018-02-03 | 2024-04-09 |
금성121 | ESTSecurity | ScarCruft | 2018-07-04 | 2023-09-19 |