RemcosRat goes from industrial engines. The exe attachment of the email from a French spare parts company is the malware

RemcosRat uses a new bait for its new campaign: a French company specialized in spare parts for industrial engines. The “doc2023020199888890001.pdf.exe” attachment of the “Re:YOUR INQUIRY” email is directly the malware.

Remcos is a cybercrime Remote Access Trojan (RAT), mainly associated with courier-themed phishing campaigns and with a wide range of functions: such as closely monitoring user activities, recording audio and video content, capturing of credentials, stealing digital currency, downloading additional payloads, and exfiltrating confidential data by avoiding detection and sandboxes.

Malware C2