Dissecting Multi-Stage Infection Chains with AsyncRAT at the Cor

Apr 28, 2025 · 4 min read · Summary CRIL came across a blog published by the Sekoia TDR team detailing a sophisticated phishing campaign that begins with malicious emails disguised as urgent invoices or orders. These emails contain .ms-library attachments that connect to remote...