Volexity cybersecurity experts: The North Korea’s APT uses a fake trading website, that mimic a legit one, and DLL Side-loading to distribute the malware.
Malware Hunter JAMESWT Technical Analysis
“RE: QUOTATION ORDER” spreads AveMaria/Warzone RAT. The rar attachment contains an exe file: the malware itself. Objective: to steal information from the victim
“RE: QUOTATION ORDER” is the subject of an email, used to spread a new global AveMaria / Warzone RAT campaign.
The rar attachment contains an exe file: the malware itself. The goal of cybercrime is to steal data from the victim, as AveMaria is a Remote Access Trojan (RAT) with the ability to provide remote access to the desktop, act as a keylogger, increase user privileges, steal passwords and more.