SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
HAPPYWORK
HAPPYWORK is a downloader used by APT37 to target South Korean government and financial victims in November 2016. [1]
ID: S0214
Type: MALWARE
Platforms: Windows
Version: 1.0
Techniques Used
| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1105 | Remote File Copy |
can download and execute a second-stage payload.[1] |
| Enterprise | T1082 | System Information Discovery |
can collect system information, including computer name, system manufacturer, IsDebuggerPresent state, and execution path.[1] |
| Enterprise | T1033 | System Owner/User Discovery |
can collect the victim user name.[1] |
Groups That Use This Software
| ID | Name | References |
|---|---|---|
| G0067 | APT37 | [1] |