Account Credential-Stealing Malware Detected by AhnLab MDS (Web Browsers, Email, FTP)
2024-02-01 • AhnLab
The Andariel threat group primarily targets South Korean corporations and institutions and is known to collaborate with, or operate as a subsidiary organization of, the Lazarus threat group. The malware discussed here is the Infostealer used in the APT attacks orchestrated by the Andariel group. It targets and collects information from a variety of applications, including most web browsers, email/FTP clients, and VNC programs. The group primarily targets national defense, defense industries, media, diplomacy, government agencies, and academic fields via spear phishing attacks, with the purpose of stealing internal information and technology [4].