Source |
Malwarebytes Labs |
Identifiant |
2148073 |
Date de publication |
2021-01-06 15:14:45 (vue: 2021-01-06 15:43:46) |
Titre |
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat |
Texte |
A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.
Categories: Social engineeringThreat analysis
Tags: APT37HangulkoreaOfficerokratVBA
(Read more...)
|
Envoyé |
Oui |
Condensat |
analysis appeared apt apt37: apt37hangulkoreaofficerokratvba categories: cleverly decode engineeringthreat first group hangul has inject korean labs lures macro malwarebytes more north office packed post read retrohunting rokrat self social swapped tags: technique threat used usual vba |
Tags |
Threat
Cloud
|
Stories |
APT 37
|
Notes |
|
Move |
|