NSHC’s December 2022 monthly report observed SectorA activity as one of the two most prominent threat categories during the collection period from November 21 to December 20, 2022. The DPRK-relevant SectorA section identifies SectorA02, SectorA05, SectorA06, and SectorA07 activity against South Korea, Switzerland, France, Poland, and the United States. Reported tradecraft included template-injection Word documents against media and NGO targets, phishing pages used to steal credentials from media-communications and university personnel, CHM lures disguised as cryptocurrency job or project material that used msiexec to fetch MSI payloads, and Word malware that downloaded CAB files from C2 infrastructure. NSHC assessed continuing SectorA operations as serving both South Korean political/diplomatic intelligence collection and global financial-resource acquisition.