SYMBOLCOMMON_NAMEaka. SYNONYMS
win.spygrace (Back to overview)

SpyGrace

aka: SpyGlace

Actor(s): APT-C-60

A backdoor, capable of providing shell access, loading additional payloads, interacting remotely with the file system and processes, and taking screenshots.

References
2024-12-11JPCERT/CCTomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace
2024-08-28ESET ResearchESET Research
ESET Research: Spy group exploits WPS Office zero day; analysis uncovers a second vulnerability
SpyGrace
2024-08-28ESET ResearchRomain Dumont
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
SpyGrace
2022-12-20ThreatBookThreatBook
Analysis of APT-C-60 Attack on South Korea
SpyGrace

There is no Yara-Signature yet.