The latest signed campaign uses SHOECORP LIMITED corporate certificates to trick anti-viruses and download malware.
Tehcnical analysis by the Malware Hunter JAMESWT
MassLogger hits again organizations in a international campaign. The attachments start the malware infection chain
The PowerShell Script to start the malware infection in the Italian chapter of the campaign
DNS HTTP/HTTPS requests / Connection