Kimsuky Group's Spear Phishing Detected by AhnLab EDR (AppleSeed, AlphaSeed)

2024-02-14 AhnLab

https://asec.ahnlab.com/en/61631/

The Kimsuky group installs AppleSeed and AlphaSeed via spear phishing attacks, stealing user information through screenshots and keylogging and using the malware to take control of the infected system. This article discusses a case in which the Kimsuky group’s spear phishing attack was detected using AhnLab EDR. These attacks have continued for several years, and AhnLab has covered the group’s attacks in detail in past articles: “Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash)” [3] and the recent article “Trend Analysis on Kimsuky Group’s Attacks Using AppleSeed” [4]. The malware also includes a downloader that installs additional malware strains, keylogging and screenshot features, and the ability to steal information by collecting and sending files from the user’s system.
