OTX Bot

Phishing Campaign Delivers Fileless Remcos RAT Using JavaScript and PowerShell to Evade Detection

A phishing campaign distributes Remcos RAT using a fileless multi-stage execution chain involving JavaScript, PowerShell and a .NET injector.

Pulse ID: 69b5d44a49e28d19f3338d0b
Pulse Link: https://otx.alienvault.com/pulse/69b5d44a49e28d19f3338d0b
Pulse Author: cryptocti
Created: 2026-03-14 21:34:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Java #JavaScript #NET #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #Remcos #RemcosRAT #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
Mar 14 at 10:04pmWeb