New SPIKEDWINE APT group is targeting officials in Europe
Security Affairs
FEBRUARY 29, 2024
The PDF included a link to a fake questionnaire that redirects users to a mailcious ZIP archive hosted on a compromised site. The ZIP archive contains an HTA file named wine.hta that contains obfuscated JavaScript code. The JavaScript code retrieves an encoded ZIP archive containing WINELOADER from the same domain.
Let's personalize your content