Domain | ID | Name | Use |
---|---|---|---|
Enterprise | T1189 | Drive-by Compromise | KARAE was distributed through torrent file-sharing websites to South Korean victims, using a YouTube video downloader application as a lure.[1] |
Enterprise | T1105 | Ingress Tool Transfer | KARAE can upload and download files, including second-stage malware.[1] |
Enterprise | T1082 | System Information Discovery | |
Enterprise | T1102.002 | Web Service: Bidirectional Communication | KARAE can use public cloud-based storage providers for command and control.[1] |

ID | Name | References |
---|---|---|
G0067 | APT37 | |