Malware: DOGCALL

Description

[DOGCALL](https://attack.mitre.org/software/S0213) is a backdoor used by [APT37](https://attack.mitre.org/groups/G0067) that has been used to target South Korean government and military organizations in 2017. It is typically dropped using a Hangul Word Processor (HWP) exploit. (Citation: FireEye APT37 Feb 2018)

External References

• mitre-attack
• FireEye APT37 Feb 2018

Techniques Used by This Malware

• T1027.013 — Encrypted/Encoded File
• T1056.001 — Keylogging
• T1102.002 — Bidirectional Communication
• T1105 — Ingress Tool Transfer
• T1113 — Screen Capture
• T1123 — Audio Capture

APT Groups Using This Malware

• APT37