RAT Distributed as UUEncoding (UUE) File

June 11, 2024, 10:31 a.m.


This intelligence report describes a malicious operation where the Remcos Remote Access Trojan (RAT) is being disseminated through phishing emails containing an attachment exploiting the Unix-to-Unix Encoding (UUE) technique. The encoded file loads an obfuscated VBScript that fetches additional malicious components, leading to the deployment of the Remcos RAT on compromised systems. The report outlines the multi-stage infection process, providing technical details and indicators of compromise (IOCs) related to this campaign.


Published Created Modified
June 11, 2024, 10:11 a.m. June 11, 2024, 10:11 a.m. June 11, 2024, 10:31 a.m.


Attack Patterns