sample: https://bazaar.abuse.ch/sample/fc9dd8a525e209d698272c1758b17ba02787d090052396d5871eea5aa7b03a9a/
来源
https://twitter.com/Arkbird_SOLG/status/1408199148294348801
Already seen it in the past (since 2013), the last time that against Bayer for COVID event, that's focus in majority China structures. Sometimes, the attacker just removes and changes the content and payload that make a new payload.