We detected a JS, PS & C2 related to Earth Bogle campaign uploaded from Libya. The PowerShell impersonating a jpg file is downloaded from OneDrive deploying NJRat. MD5: a8ce4c623dd429775c6c7c6dc5abe139 MD5: 02396c40edfba07ff8e9f3b7c8541505 C2: 2626[.]libya2020[.]com[.]ly
0
5
72
46K
0