New APT organization Saaiwc Group targeting the military, finance and other departments in Southeast Asia
released on 2023-01-09 @ 07:31:38 PM
This attack mainly uses an ISO file as the initial malicious payload. Once the payload runs, a PowerShell command is added to the local registry, and finally the PowerShell backdoor PowerDism is loaded to steal local information and execute arbitrary commands.