VERY IMPORTANT

A recent wave of large-scale StrelaStealer email campaigns was observed targeting over 100 organizations across the EU and U.S. The campaigns distribute spam emails with attachments that launch the malware's DLL payload. The malware steals email login credentials and sends them to the attacker's command and control server. The malware author frequently updates the malware to evade detection. Technical analysis revealed the malware is now delivered via a zipped JScript employing updated obfuscation in the DLL payload.