GOLDDRAGON (170c57a6-326b-4d6a-9f3f-158a0e29abf2)
GOLDDRAGON is a downloader written in C that retrieves a payload from a remote server via HTTP. The downloaded payload is written to disk and executed. GOLDDRAGON also extracts a payload from a Hangul Word Processor document and writes it to a startup directory. As a result, the new file is executed when the current user logs in. Availability: Non-public
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| GOLDDRAGON (170c57a6-326b-4d6a-9f3f-158a0e29abf2) | Tool | APT43 (aac49b4e-74e9-49fa-84f9-e340cf8bafbc) | Threat Actor | 1 |
| GOLDDRAGON (170c57a6-326b-4d6a-9f3f-158a0e29abf2) | Tool | GoldDragon (2297799c-f93c-4903-b9af-32b6b599912c) | Malpedia | 1 |