🇰🇵
Contagious Interview
APT Group
ETDA ✓
Also Known As 6 names
Gwisin Gang
DeceptiveDevelopment
TAG-121
DEV#POPPER
PurpleBravo
Tenacious Pungsan
Target Countries 3
Countries highlighted in red
Honduras
India
United States
Sectors Targeted
Public Relations Agencies
54182
Employment Placement Agencies and Executive Search Services
56131
Computer Systems Design and Related Services
54151
Computer Systems Design Services
541512
Motion Picture and Video Production
51211
Photographic Services
54192
Human Resources Consulting Services
541612
Details
Origin
🇰🇵 KP
Last Updated
21 Mar 2026
Malware Families 1
forest_tiger
MITRE ATT&CK 94
T1005 - Data from Local System
T1027 - Obfuscated Files or Information
T1027.010
T1027.013
T1036 - Masquerading
T1036.005 - Match Legitimate Name or Location
T1041 - Exfiltration Over C2 Channel
T1048
T1048.003
T1056 - Input Capture
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.003 - Windows Command Shell
T1059.004
T1059.005
T1059.006 - Python
T1059.007 - JavaScript
T1070
T1070.004
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1071.003
T1074 - Data Staged
T1074.001 - Local Data Staging
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1090
T1105 - Ingress Tool Transfer
T1106 - Native API
T1115 - Clipboard Data
T1119 - Automated Collection
T1134 - Access Token Manipulation
T1140 - Deobfuscate/Decode Files or Information
T1176 - Browser Extensions
T1195.001 - Compromise Software Dependencies and Development Tools
T1204 - User Execution
T1204.001
T1204.002 - Malicious File
T1204.004
T1204.005
T1217 - Browser Bookmark Discovery
T1219
T1219.002
T1480
T1486 - Data Encrypted for Impact
T1496 - Resource Hijacking
T1497 - Virtualization/Sandbox Evasion
T1543
T1543.001
T1546
T1546.004
T1547 - Boot or Logon Autostart Execution
T1547.001
T1547.013
T1555 - Credentials from Password Stores
T1555.001
T1555.003 - Credentials from Web Browsers
T1555.005 - Password Managers
T1562
T1562.001
T1566 - Phishing
T1566.003
T1567 - Exfiltration Over Web Service
T1567.002
T1571
T1573
T1573.001
T1583
T1583.001
T1583.003
T1583.006
T1585
T1585.001
T1585.002
T1587
T1587.001
T1588
T1588.002
T1588.007
T1589
T1593
T1593.001
T1593.003
T1608
T1608.001 - Upload Malware
T1656
T1657
T1681
T1683
T1683.001
T1683.002
T1684
T1684.001
T1685