A spear phishing attack was conducted on some of the members of certain cryptocurrency exchanges in Korea. This attack, too , is an extension of the Lazarus campaign, disguised as a vocational document request, which was unveiled on the 20th, and is an extension of the attack vector.
Email screen used in a real attack
In the past, Lazarus threats are characterized by a lure of users with subjects and content that have nothing to do with the recipient, and can be seen as one of irregular social engineering techniques.
100 years dream greeting after 100 years.hwp
Malware Hash (MD5/SHA1/SH256)