: During this period, Vietnamese organizations were frequently targeted by groups like Mustang Panda or OceanLotus (APT32), using tools like PlugX , Cobalt Strike , or custom infostealers .
: Phishing emails with "Official Document" themes, often written in Vietnamese, designed to trick recipients into opening the archive. (VN)[2023-01-24]THANG_vanth.zip
: Check if this specific tag has been indexed by the research community. : "Thang" is a common Vietnamese name, and
: "Thang" is a common Vietnamese name, and "vanth" may be a shorthand for "Văn thư" (meaning "clerical" or "official document"), which is a frequent theme in social engineering lures targeting government or corporate employees. Common Characteristics of such Samples : During this period
: The ZIP file often contains a malicious .LNK file disguised as a document or a sideloading chain involving a legitimate executable and a malicious DLL. Search and Verification
While the exact contents depend on the specific analysis, files shared under this format in January 2023 often shared these traits:
: Search for the filename to find associated reports and behavior graphs.