Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
ID: 9cdb720e-ace2-5269-88b7-813e2e847f4d
STIX ID: report--9cdb720e-ace2-5269-88b7-813e2e847f4d
Feed Name: Securelist by Kaspersky
Stan Ghouls (aka Bloody Wolf) conducted a targeted spear-phishing campaign, primarily in Uzbekistan, with victims also in Russia, Kazakhstan and a few other countries. The campaign used malicious PDF decoys that direct victims to a Java loader, which downloads and installs NetSupport RAT. The report provides technical details and persistence methods, identifies approximately 60+ victims across the finance, manufacturing and IT sectors, lists extensive IoCs (file hashes and domains), and notes Mirai IoT binaries hosted on infrastructure tied to the campaign.
