The Reveal Platform
Intel Name: Dcrat impersonating the colombian government
Date of Scan: July 2, 2025
Impact: Medium
Summary: A recent investigation uncovered a new email-based attack distributing a Remote Access Trojan known as DCRAT. The attacker is posing as a Colombian government entity to target organizations within Colombia. To evade detection, the threat actor employs several techniques, including password-protected archives, obfuscation, steganography, base64 encoding, and multiple file drops.
