Executive Summary

This report highlights a sophisticated malware campaign targeting businesses through email phishing. The attackers are leveraging trusted brand names and professional collaboration offers as a cover to distribute malicious attachments. The email subject lines and contents are carefully crafted to appear as legitimate business opportunities, including promotions, partnership proposals, and marketing collaborations.

Key characteristics of the campaign include:

  • Email Payload: The malware is hidden within attachments such as Word documents, PDFs, or Excel files, often masquerading as promotional materials, contracts, or business proposals.
  • Delivery Method: The phishing emails are sent from spoofed or compromised email addresses, making them seem credible. Recipients are lured into downloading the attached files, believing they are legitimate business offers.
  • Malware Behavior: Once the attachment is opened, the malware installs itself on the victim’s system. This malware is typically designed to steal sensitive data, including login credentials, financial information, and intellectual property, or to provide remote access to the attacker.
  • Target Audience: Businesses and individuals in marketing, sales, and executive positions are the primary targets, given their propensity to engage in brand promotions and partnerships.
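The traits listed above can be turned into a first-pass mail triage check. The following is an added example, not code from the report: the keyword list, extension list, trait names, the Reply-To mismatch heuristic and all `.example` addresses are assumptions chosen for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Attachment types the report names (Word, Excel, PDF); the extension list is an assumption.
RISKY_EXT = (".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm", ".pdf")
# Lure themes the report names; the exact keywords are assumptions.
LURE = re.compile(r"\b(promotion|partnership|collaboration|proposal)\b", re.I)

def domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To header, or ''."""
    return parseaddr(str(header_value))[1].rpartition("@")[2].lower()

def triage(raw):
    """Return the campaign traits that a raw RFC 5322 message matches."""
    msg = message_from_string(raw, policy=policy.default)
    hits = []
    if LURE.search(str(msg.get("Subject", ""))):           # business-offer lure
        hits.append("lure-subject")
    for part in msg.iter_attachments():                    # document attachment
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            hits.append("doc-attachment:" + name)
    auth = str(msg.get("Authentication-Results", "")).lower()
    if re.search(r"\b(spf|dkim|dmarc)=(fail|softfail)\b", auth):   # spoofed sender
        hits.append("auth-fail")
    reply = domain(msg.get("Reply-To", ""))
    if reply and reply != domain(msg.get("From", "")):     # replies leave the brand
        hits.append("reply-to-mismatch")
    return hits

def sample(subject, auth, reply_to=None, attachment=None):
    """Build a constructed test message; all names and domains are placeholders."""
    m = EmailMessage()
    m["From"] = "Brand Partnerships <deals@brand.example>"
    m["To"] = "marketing@corp.example"
    m["Subject"] = subject
    m["Authentication-Results"] = auth
    if reply_to:
        m["Reply-To"] = reply_to
    m.set_content("Please review the attached offer.")
    if attachment:
        m.add_attachment(b"constructed bytes", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_string()
```

Mail sent from a compromised legitimate account passes SPF, DKIM and DMARC, so the lure and attachment traits need to be weighed on their own rather than only alongside an authentication failure.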

Mindmap of malware campaign

  • .Donuts
    45 days ago

    Shame they are using AI generated images for thumbnails.