Monthly Threat Actor Group Intelligence Report, February 2024 (JPN)
2024-04-24 • NSHC
NSHC's February 2024 ThreatRecon report records two North Korea-linked SectorA clusters, SectorA01 and SectorA05, among broader monthly threat actor activity. SectorA01 activity was observed in Vietnam, Germany, and the United States using PE malware disguised as the open-source UltraVNC remote administration tool. SectorA05 activity was observed in Hungary, South Korea, Singapore, Pakistan, and Germany using Windows LNK malware disguised as trading lecture material and relying on the Dropbox API. The final PE malware described for SectorA05 supports DDoS, keylogging, and remote-control functions that execute according to attacker server commands. NSHC assesses ongoing SectorA activity as focused on collecting sensitive information related to South Korean political, diplomatic, and government activity while also conducting financially motivated operations worldwide.