Megalodon malware recently spreading via phishing email campaigns. An Microsoft Excel files is sent which on successful execution download and run a RAT/ key-logger.
tRat is a modular delphi remote access trojan from the threat actor TA505. TA505 was previously responsible for Dridex and Locky campaigns.
Lazarus Group, a team of cyber criminals reportedly based in North Korea, is believed to be targeting its southern neighbor with malicious documents. The files, recently reviewed by South Korean researchers and experts at AlienVault, pack Manuscrypt malware as the final payload.
FlawedAmmyy RAT is an uncommon piece of malware that target Microsoft Publisher. Phishing Email comes with a .pub attachment (Microsoft Office Publisher file) and the subject "Payment Advice".
NOKKI RAT is a politically motivated malware that targets politically motivated victims in Russia and Cambodia. It obscure itself by appearing a PDF file but the extension is Microsoft executable .scr file.