Monthly Threat Actor Group Intelligence Report, April 2024 (KOR)
2024-06-04 • NSHC
https://redalert.nshc.net/2024/06/04/monthly-threat-actor-group-intelligence-report-april-2024-kor/
NSHC ThreatRecon's April 2024 report identifies SectorA01, SectorA05, and SectorA07 activity during the March 21 to April 20 collection window. SectorA01 targeted India, Bangladesh, Singapore, and Hungary with LNK files disguised as job descriptions, then used malware that sent system information, added registry persistence, and executed attacker-supplied code. SectorA05 used a meeting-plan LNK lure in South Korea and downloaded follow-on malware through the Dropbox API, while SectorA07 used a document about internal North Korean affairs and launched additional AutoIt malware after execution. NSHC characterizes these SectorA campaigns as long-running collection against South Korea-related political and diplomatic activity, alongside financially motivated operations worldwide.