ESET cyber security experts: The malware is a dynamic-link library that is installed and loaded by two earlier-stage components, and it’s periodically implemented to avoid detection.
Trend Micro cyber security experts: The first malicious code abuses a user account control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Symantec cyber security experts: The group, aka Turla, launched 3 campaigns: one with Neptun malware, another with Meterpreter and the last one with a custom RPC backdoor.
Microsoft cyber security experts: The goal is to spread a backdoor Trojan, exploiting an old vulnerability. Probably there will be new malspam campaigns with the same characteristics.
Trend Micro cyber security experts: The Iranian state-sponsored APT is using new tools and payloads, which indicates that it’s continuously developing the schemes.