Bloody Wolf: A Blunt Crowbar Threat To Justice
ID: 3c6dfec1-871b-5406-8cd1-7a1783bac940
STIX ID: report--3c6dfec1-871b-5406-8cd1-7a1783bac940
Feed Name: Group-IB Blog
Bloody Wolf is an active APT targeting Central Asian government and commercial organizations. It uses spear-phishing PDFs that host malicious JAR loaders, which download and install legacy NetSupport RAT. Group-IB reports on the infection chain, JAR loader internals, persistence methods, and MITRE mapping, and provides extensive IOCs (file hashes and malicious domains) along with defensive recommendations.
