SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
HAPPYWORK
HAPPYWORK is a downloader used by APT37 to target South Korean government and financial victims in November 2016. [1]
ID: S0214
Type: MALWARE
Platforms: Windows
Version: 1.0
Techniques Used
Domain | ID | Name | Use |
---|---|---|---|
Enterprise | T1105 | Remote File Copy |
can download and execute a second-stage payload.[1] |
Enterprise | T1082 | System Information Discovery |
can collect system information, including computer name, system manufacturer, IsDebuggerPresent state, and execution path.[1] |
Enterprise | T1033 | System Owner/User Discovery |
can collect the victim user name.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0067 | APT37 | [1] |