ValleyRAT malware spread via bogus software installers

Threat actors leveraged a phishing webpage luring targets into downloading a legitimate software-spoofing Microsoft Installer package that conceals its malicious nature by launching the app while executing a malicious DLL to deploy the multi-stage PNGPlug loader, a report from Intezer showed.

Go to Source