Cascading shadows: an attack chain approach to avoid detection and complicate analysis

Intel Name: Cascading shadows: an attack chain approach to avoid detection and complicate analysis

Date of Scan: April 18, 2025

Impact: High

Summary:
In December 2024, we identified a multi-stage attack chain used to deliver malware such as Agent Tesla variants, Remcos RAT, and XLoader. Attackers are increasingly adopting layered delivery tactics to bypass detection tools and traditional sandboxes. The phishing campaign we examined disguised itself as an order release request, delivering a malicious attachment. The attack chain used several execution paths to evade defenses and hinder analysis.
