Attackers delivered phishing emails with a ZIP file attachment with an executable Rust-based loader, which prompts Windows batch scripts that not only open lure documents but also facilitate the deactivation of antivirus software prior to the deployment of the Python-based information-stealing malware, an analysis from Cisco Talos showed.
Article Link: Novel PXA Stealer leveraged by Vietnamese hackers | SC Media