Advanced persistent threats (APTs) exploit vulnerabilities in cyber defenses daily and update their tactics, techniques, and procedures (TTPs) to remain one step ahead of defenders. Four prominent nation-state threats targeting the United States that continually appear in headlines are North Korea, Russia, Iran, and China. To decide where to start defending against these threat actors, it is necessary to understand where and how they are getting into networks. This study aims to identify similarities, patterns, and themes across the four nation-states in the initial access techniques and custom malware they use. The goal of this research is to allow network defenders to make decisions based on what the adversary has previously done, what they are currently doing, and some new techniques the threat actors have been observed using. This information could prove vital to resource decisions, network appliance purchases, social engineering training, and other network defense initiatives and strategies. The malware sampling and analysis will give insight into which programming languages the adversaries use, the typical functionality of their malware, and some of the campaigns in which that malware has been used. This research can serve as a first look at what the threat groups of the four most prominent national security threats are currently doing. Looking at initial access methods, this study will determine which vector is most commonly used to gain access to networks. The malware analysis will look for the commonalities shared across the threat actors' tooling. Investigating these two prominent areas could lead to discovering the actual root cause of how these attackers remain successful, and could give defenders a chance to narrow their attack surface and make themselves harder targets.