Analysis of APT37 NarwhalRAT Leveraging MS-Themed Phishing and Dead-drop C2 (opens in new tab)

Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Note: Affiliate link – your enrollment helps support this platform at no extra cost to you. ◈ Key Findings Initial access was performed through spear phishing disguised as messages from the Microsoft account team and cybersecurity advisories. Malicious LNK files were used to induce the installation of NarwhalRAT based on compiled Python script. Performed...