Unnamed malware. Delivered as remote template that drops a VBS file, which uses LOLBINs to crawl the disk and exfiltrate data zipped up via winrar.
There is no Yara-Signature yet.
If your designated proposal does not fit in any other category,
feel free to write a free-text in the comment field below.
Please propose all changes regarding references on the Malpedia library page
Your suggestion will be reviewed before being published.
Thank you for contributing!