Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Hidden Python

The operation targets victims with a compressed file containing a malicious .hwp document and an executable that attempt to take advantage of a flaw in WinRAR. The archive file is labeled "North America Second Summit .rar" and is password protected to avoid detection. Once executed by the victim the malware creates a startup task and is active once the infected system is rebooted.
Name Modified Date Sources
Operation Hidden Python 2019-04-25