0xToxin🕷️ on Twitter: "APT-C-36 (#BlindEagle) strikes again with @DIANColombia theme Phishing. 🇨🇴 .eml -> .pdf -> password protected .uue archive downloaded from #Discord -> .vbs -> .ps1 -> fetch DLL loader from Opendir -> fetch #LimeRAT payload from Discord (Injection to RegSvcs.exe) 🏹 URL's: ◾️… https://t.co/iXD4b6LU75" / Twitter

https://twitter.com/i/web/status/1656555358142226432