HOMETHREATSAllaKore
APT / THREAT GROUP

AllaKore

2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

AllaKore is a simple Remote Access Tool written in Delphi, first observed in 2015 but still in early stages of development. It implements the RFB protocol which uses frame buffers and thus is able to send back only the changes of screen frames to the controller, speeding up the transport and visualization control.

Threat Analysis

AllaKore is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases2

Also Known As

AllaKorewin.allakore

External Intelligence

Malpedia: win.allakore

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.