Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
2020-02-18 • PwC
PwC describes Black Banshee, also known as Kimsuky, as a North Korea-based espionage actor that ran multiple 2019 campaigns spanning broad credential harvesting, spear-phishing, targeted espionage, and data exfiltration. The report focuses on infrastructure tradecraft: domains impersonating government, academic, and policy organisations; C2 domains resolving into the 185.224.137[.]0/23 and 185.224.138[.]0/23 ranges; and repeated use of 185.224.137[.]164 across at least 24 malicious domains. It also notes kakao-check[.]esy[.]es as C2 for MyDogs, a RAT associated with Black Banshee, and highlights recurring parent domains, adversary-registered naming patterns, and server-side folder conventions. These shared infrastructure habits allowed PwC to connect otherwise separate 2019 Black Banshee campaign clusters and prepare a follow-on analysis of their targeting, tradecraft, and objectives.
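The infrastructure pivots described above (resolutions into the two reported /23 ranges, and one IP shared across many domains) can be turned into a simple clustering check over passive-DNS style records. The code below is an added example, not PwC's tooling; the sample records are constructed, only kakao-check[.]esy[.]es and 185.224.137[.]164 come from the report, and the cluster threshold is an assumption.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# The report writes the ranges from .137.0 and .138.0; a /23 is aligned on an even
# third octet, so strict=False is needed to parse the first one as written.
REPORTED_RANGES = [ip_network("185.224.137.0/23", strict=False),
                   ip_network("185.224.138.0/23", strict=False)]
SHARED_IP_THRESHOLD = 3  # assumption: domains per IP that count as a cluster

# Constructed passive-DNS style records (domain, resolved IP), defanged as in a feed.
# Only the first domain and the .164 address come from the report; the rest are placeholders.
SAMPLE_RESOLUTIONS = [
    ("kakao-check[.]esy[.]es", "185.224.137[.]164"),
    ("policy-org-lookalike[.]invalid", "185.224.137[.]164"),
    ("university-lookalike[.]invalid", "185.224.137[.]164"),
    ("ministry-lookalike[.]invalid", "185.224.138[.]77"),
    ("benign-site[.]invalid", "93.184.216[.]34"),
]

def refang(value: str) -> str:
    """Turn a defanged indicator back into a parseable, normalised string."""
    return value.replace("[.]", ".").strip().lower()

def in_reported_ranges(ip: str) -> bool:
    """True if the IP falls inside one of the report's /23 ranges."""
    addr = ip_address(refang(ip))
    return any(addr in net for net in REPORTED_RANGES)

def cluster_by_ip(resolutions):
    """Group domains by the IP they resolve to: {ip: sorted domains}."""
    groups = defaultdict(set)
    for domain, ip in resolutions:
        groups[refang(ip)].add(refang(domain))
    return {ip: sorted(doms) for ip, doms in groups.items()}

def flag_resolutions(resolutions, threshold=SHARED_IP_THRESHOLD):
    """Return {domain: reasons}; reasons are 'reported-range' and/or 'shared-ip'."""
    findings = {}
    for ip, domains in cluster_by_ip(resolutions).items():
        reasons = []
        if in_reported_ranges(ip):
            reasons.append("reported-range")
        if len(domains) >= threshold:
            reasons.append("shared-ip")
        for domain in domains:
            findings[domain] = reasons.copy()
    return findings

if __name__ == "__main__":
    for domain, reasons in sorted(flag_resolutions(SAMPLE_RESOLUTIONS).items()):
        print(f"{domain}: {', '.join(reasons) or 'no match'}")
```

Feeding real passive-DNS output through `flag_resolutions` surfaces both the range hits and the shared-IP clusters that let PwC link the separate 2019 campaigns.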
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| IPv4 | 185.224.137.164 | 2020-02-18 | 2020-11-12 |