KGH_SPY-lazarusholic

#KGH_SPY

Tool/Malware

KGH_SPY is a modular suite of tools used by Kimsuky for reconnaissance, information stealing, and backdoor capabilities. KGH_SPY derived its name from PDB paths and internal names found in samples containing "KGH".

https://attack.mitre.org/software/S0526/

Reports

2020-11-02
Cybereason
Back to the Future: Inside the Kimsuky KGH Spyware Suite
#Kimsuky #KGH_SPY