Threat Actors Weaponizing RAR Archives to Target Thailand’s Healthcare Sector

Authors: Vaibhav Krushna Billade, Dixit Panchal & Rumana Siddiqui. Table of Contents Introduction Key Targets Infection Chain Initial Campaign Findings Technical Analysis Stage 1: Initial Delivery (RAR Archive) Stage 2: Rouki-Obfuscated Batch Loader Stage 3: Startup Persistence Script Stage 4: Secondary Payload Execution Stage 5: Information Stealer Deployment (sim.py) Conclusion Seqrite Coverage Indicators of Compromise […] The post Threat Actors Weaponizing RAR Archives to Target Thailand’s Healthcare Sector appeared first on Seqrite Labs.