Worok is a cyber espionage group, mostly targeting Central Asia. The group toolset includes a C++ loader named CLRLoad, a PowerShell backdoor named PowHeartBeat, and a C# loader named PNGLoad.
There are currently no families associated with this actor.
|2022-09-06 ⋅ ESET Research ⋅ |
Worok: The big picture
MimiKatz PNGLoad reGeorg ShadowPad Worok