<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
</div>
<div style="margin:0px;font-size:12pt;color:black;background-color:rgb(255, 255, 255)">
<span style="margin:0px;background-color:white"><span style="margin:0px;background-color:white"><span style="margin:0px;background-color:white"><span style="margin:0px;background-color:white"><span style="margin:0px;font-size:14.67px">Hello,</span></span></span></span></span><span style="margin:0px;background-color:white"></span>
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:15px;color:rgb(32, 31, 30);background-color:white">
<div style="margin:0px;font-size:12pt;color:black"><span style="margin:0px;background-color:white"></span>
<div style="margin:0px;background-color:white">
<div style="margin:0px;font-size:14.67px;background-color:white">I hope everyone is doing well!</div>
<div style="margin:0px;font-size:14.67px;background-color:white"><br>
</div>
<div style="margin:0px;font-size:14.67px;background-color:white">Below is the entry for today.</div>
<div style="margin:0px;font-size:14.67px;background-color:white"><br>
</div>
<div style="margin:0px;font-size:14.67px;background-color:white">07/16/2021 - Diary entry #306<br>
<br>
</div>
<blockquote style="font-size:14.67px;background-color:white;margin-top:0px;margin-bottom:0px">
<div style="margin:0px"></div>
<div style="margin:0px"></div>
This week a new campaign by the Chinese APT group known as LuminousMoth was disclosed; it uses fake Zoom apps to spy on high-profile targets in Southeast Asia.
<div><br>
</div>
<div>The infection chain starts with a spear-phishing email campaign containing a URL to download a RAR archive from Dropbox. The RAR file contains two legitimate executables and two malicious DLLs that are loaded into process memory through a technique
 known as DLL side-loading (covered in our Daily Diary #47).</div>
<div><br>
</div>
<div>This threat has the capability to spread itself to other devices through USB drives, followed by a signed fake Zoom application. The malware impersonating Zoom is used as a post-exploitation tool to exfiltrate data from the infected systems. After collecting
 the data, the malware sends the files as RAR archives to its C2 server.</div>
<div><br>
</div>
Also, the malware can deploy a tool to steal cookies from the Chrome browser. The attackers can use those cookies to hijack the social media and e-mail sessions of the targets and spread their malware to other contacts.
<div style="margin:0px"><br>
</div>
</blockquote>
<span style="margin:0px;font-size:14.67px;background-color:white">Kind Regards,</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div style="margin:0px;font-size:15px;font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;color:rgb(32, 31, 30);background-color:rgb(255, 255, 255)">
<div style="margin:0px;font-size:12pt;font-family:Calibri, Arial, Helvetica, sans-serif;color:black">
<br>
</div>
<div style="margin:0px">
<div style="margin:0px">
<div style="margin:0px"></div>
<div style="margin:0px"></div>
<div style="margin:0px"></div>
<div style="margin:0px"></div>
<div style="margin:0px;font-size:12pt;font-family:Calibri, Arial, Helvetica, sans-serif;color:black">
<table style="font-size:medium;font-family:"Times New Roman"">
<tbody>
<tr>
<td align="left" style="width:180px">
<table align="left" width="120">
<tbody>
<tr>
<td align="center" colspan="3"><a href="https://www.appgate.com/" target="_blank" rel="noopener noreferrer" data-auth="NotApplicable" data-linkindex="0" style="margin:0px"><img width="120" height="30" style="margin:0px" src="https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png"></a></td>
</tr>
<tr>
<td align="center" colspan="3"> </td>
</tr>
<tr>
<td align="center" width="37%"><a href="https://www.linkedin.com/company/appgate-security/" target="_blank" rel="noopener noreferrer" data-auth="NotApplicable" data-linkindex="1" style="margin:0px"><img width="18" height="18" style="margin:0px" src="https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png"></a></td>
<td width="28%"><a href="https://twitter.com/AppgateSecurity" target="_blank" rel="noopener noreferrer" data-auth="NotApplicable" data-linkindex="2" style="margin:0px"><img width="20" height="18" style="margin:0px" src="https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png"></a></td>
<td width="35%"><a href="https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ" target="_blank" rel="noopener noreferrer" data-auth="NotApplicable" data-linkindex="3" style="margin:0px"><img width="26" height="18" style="margin:0px" src="https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png"></a></td>
</tr>
</tbody>
</table>
<p style="margin-top:0px;margin-bottom:0px"> </p>
</td>
<td colspan="2" rowspan="2" style="width:350px">
<p style="color:rgb(12, 12, 12);font-size:13px;font-family:Arial, Helvetica, sans-serif;margin-top:0px;margin-bottom:0px">
<strong>Felipe Tarijon de Almeida</strong><br>
Malware Analyst<br>
<strong>Appgate</strong></p>
<p style="color:rgb(12, 12, 12);font-size:13px;font-family:Arial, Helvetica, sans-serif;margin-top:0px;margin-bottom:0px">
E:<span style="margin:0px"> </span><font color="#228EBE"><a href="mailto:felipe.duarte@appgate.com" target="_blank" rel="noopener noreferrer" data-auth="NotApplicable" title="mailto:felipe.duarte@appgate.com" data-linkindex="4" style="margin:0px">felipe.tarijon@appgate.com</a></font><br>
O:<span> </span><span style="margin:0px;background-color:white">+55 11 97467 9549</span></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</body>
</html>