CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective
ID: eb89b6a1-a821-598f-af13-6f9693ec4548
STIX ID: report--eb89b6a1-a821-598f-af13-6f9693ec4548
Feed Name: Cybereason Blog
**Cuckoo Spear (Cybereason):** This report analyzes a sustained APT10 cyber-espionage campaign targeting Japanese and regional organizations. It details the loaders (NOOPLDR variants, GOSICLoader, DOWNJPIT), the backdoors (NOOPDOOR, LODEINFO), DGA-based C2 with internal pivoting, persistence via MSBuild scheduled tasks, WMI event consumers and service DLLs, the exploited CVEs, and the observed IOCs. It also provides detection guidance plus links to YARA rules and scripts.
