A newly discovered modular loader uses PDF files and sophisticated social-engineering lures to deliver ransomware-linked payloads. The malware employs multiple execution methods and advanced domain generation algorithms, and it specifically targets domain-joined systems for maximum impact. It establishes persistence through scheduled tasks and registry keys while hiding its activity in user directories.
Latest mentioned: 09-19
Earliest mentioned: 09-18