This malware is a RAT written in PowerShell. It has the following capabilities: Downloading and Uploading files, loading and execution of a PowerShell script, execution of a specific command. It was observed by Malwarebytes LABS Threat Intelligence Team in a newly discovered campaign: this campaigns tries to lure Germans with a promise of updates on the current threat situation in Ukraine according to Malwarebyte LABS.
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
Unidentified PS 003 (RAT)
There is no Yara-Signature yet.