A complex ransomware campaign is utilizing custom malware and exploiting network vulnerabilities to infiltrate organizations and maintain persistent access. The attackers employ sophisticated techniques to evade security measures, including abusing legitimate tools and a vulnerable driver, and have recently broadened their targeting to include entities in a previously avoided region. This operation highlights the increasing adaptability and resourcefulness of threat actors.