RST TI Report Digest: 19 Jan 2026

The report details a ConvertMate malware campaign that distributes a dropper (ConvertMate.exe) via malvertising and fake converter apps; once installed it deploys RAT payloads, uses revoked code-signing certificates and scheduled tasks for persistence, employs timestomp for evasion, communicates with C2 servers, and includes a large set of IoCs (domains, URLs, and numerous SHA256 hashes) for detection.