An APT actor that uses a customized backdoor to carry out cyberespionage activities. The malware is spread using extremely effective social engineering attacks, which involve sending malicious PDF documents to their targets. They also make use of IE and Java vulnerabilities. There are 59 known victims across 23 countries.