2025-06-09
Sakai
대북관계자를 노리는 북한 해킹 단체 리퍼(Reaper)에서 만든 악성코드-국가정보와 방첩 원고.lnk(2025.6.3)
#APT37
#LNK
#RokRAT
APT37
"APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its targeting beyond the Korean peninsula to include Japan, Vietnam and the Middle East, and to a wider range of industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive and healthcare entities"
- malpedia, https://malpedia.caad.fkie.fraunhofer.de/actor/apt37
Also known as
Name | Named by | AKA | First seen | Last seen |
---|---|---|---|---|
APT-C-28 | Qihoo360 | ScarCruft | 2019-06-01 | 2025-02-19 |
APT37 | Mandiant | ScarCruft | 2018-02-20 | 2025-06-27 |
ATK4 | ThalesGroup | APT37 | 2019-10-07 | 2022-05-31 |
BlackShoggoth | PWC | APT37 | 2020-03-03 | 2021-02-28 |
EarthManticore | TrendMicro | APT37 | 2025-03-18 | 2025-03-18 |
G0067 | MITRE | APT37 | 2018-04-18 | 2018-04-18 |
Group123 | CiscoTalos | ScarCruft | 2018-01-16 | 2025-05-14 |
ITG10 | IBM | ScarCruft | 2021-10-23 | 2023-06-06 |
InkySquid | Volexity | ScarCruft | 2021-08-17 | 2023-01-04 |
NickelFoxcroft | SecureWorks | ScarCruft | - | 2024-10-08 |
RedEyes | Ahnlab | ScarCruft | 2018-02-21 | 2024-05-07 |
RicochetChollima | CrowdStrike | ScarCruft | 2019-02-19 | 2025-03-17 |
ScarCruft | Kaspersky | - | 2016-06-17 | 2025-01-20 |
SquidWerewolf | BiZone | APT37 | 2025-03-12 | 2025-03-12 |
TEMP.Reaper | Mandiant | ScarCruft | 2018-02-03 | 2024-04-09 |
금성121 | ESTSecurity | ScarCruft | 2018-07-04 | 2023-09-19 |