2019-07-17 AveMaria InfoStealer/RAT with interesting UAC bypass
I came across this sample yesterday via my usual method – the email filters. The email is your pretty standard stuff acting as a proposal for an order. Once you open the zip file, there is an executable. From here, the fun began. For the artifacts/logs/PCAP from this analysis, pleaseā¦