Kimsuky is believed to be a North Korean-based threat group who have been operating since the latter half of 2013 with many campaigns being attributed to the group. The group is also known by other names including Velvet Chollima and Black Banshee. The group is using filename of autoupdate.dll is to push the users to download the malicious file which will install the malicious dll to gain access of the victim’s system.
This particular document is about the South Korea-U.S. summit held at the White House on May 21 and this keeps on leveraging to the users to keep them interested about the happenings within the region and with all the sanctions and details put up by US towards North Korea and for the stability of the region. These type of campaigns are often by threat actors to gain any sort of advantage towards their rivals and keep them interested about the happenings between US, South Korea and North Korea.
한미 정상회담(5[.]21) 참고 자료 (수정본)[.]pif