APT Group Hub
APT37 G0067
3 REVELARE Korean-language analyses covering this group · 29 techniques used · Aliases: InkySquid, ScarCruft, Reaper
Analyses covering this group
Key techniques used
- T1005 Data from Local System
- T1027 Obfuscated Files or Information
- T1033 System Owner/User Discovery
- T1055 Process Injection
- T1057 Process Discovery
- T1059 Command and Scripting Interpreter
- T1082 System Information Discovery
- T1105 Ingress Tool Transfer
- T1106 Native API
- T1120 Peripheral Device Discovery
- T1123 Audio Capture
- T1189 Drive-by Compromise
- T1203 Exploitation for Client Execution
- T1529 System Shutdown/Reboot
Official MITRE definition
[APT37](https://attack.mitre.org/groups/G0067) is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also in Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts of the Middle East. [APT37](https://attack.mitre.org/groups/G0067) has also been linked to the following campaigns between 2016-2018: Operation Daybreak, Operation Erebus, Golden Time, Evi…