Malware created by the North Korean hacking group Reaper - 제20대_대통령선거_선거권자_개표참관인_공개_모집(최종).hwp (2022.8.15)

2024-04-09 Sakai Malware created by North Korean hacking group Reaper: twentieth presidential election observer recruitment HWP lure

https://wezard4u.tistory.com/6787


Reaper, also tracked as APT37, InkySquid, RedEyes, ScarCruft, and Group123, is described as using a malicious HWP-themed lure related to South Korea's twentieth presidential election and election-observer recruitment. The report frames the actor as a North Korea-linked espionage group focused on intelligence collection, reconnaissance, and cyber operations against government, military, enterprise, human-rights, and regional targets. The source provides malware-analysis context for defenders handling Korean document lures, HWP-themed filenames, and endpoint artifacts associated with the sample. Security teams should validate the hashes, execution behavior, and lure context in the archive before using the material for detection or response decisions.

Indicators of Compromise

