Operation Covert Access: Weaponized LNK-Based Spear-Phishing Targeting Argentina's Judicial Sector to Deploy a Covert RAT
Released on 2026-01-20 at 08:48:18 AM
A sophisticated spear-phishing campaign targeting Argentina's judicial sector has been uncovered. The operation uses a multi-stage infection chain to deploy a stealthy Remote Access Trojan (RAT). Attackers exploit trust in court communications by using authentic-looking judicial decoy documents. The campaign employs a weaponized LNK file, a BAT-based loader script, and a covert Rust-based RAT to establish persistent access within judicial environments. The malware performs extensive anti-VM and anti-debug checks, collects system information, and establishes resilient C2 connections. It supports various malicious activities including persistence, file transfer, data harvesting, encryption, and privilege escalation. The campaign demonstrates high operational sophistication and aims to gain long-term access to sensitive legal and institutional data.