DOGCALL

DOGCALL is a backdoor used by ScarCruft that has been used to target South Korean government and military organizations in 2017. It is typically dropped using a Hangul Word Processor (HWP) exploit. [1]

ID: S0213
Aliases: DOGCALL
Type: MALWARE
Platforms: Windows

Version: 1.0

Alias Descriptions

NameDescription
DOGCALL[1]

Techniques Used

DomainIDNameUse
EnterpriseT1056Input CaptureDOGCALL is capable of logging keystrokes.[1]
EnterpriseT1113Screen CaptureDOGCALL is capable of capturing screenshots.[1]
EnterpriseT1102Web ServiceDOGCALL is capable of leveraging cloud storage APIs such as Cloud, Box, Dropbox, and Yandex for C2.[1]

Groups

Groups that use this software:

APT37

References