This notable Remote Access Trojan was first discovered in 2018 and has been used in campaigns every three months or so since its discovery, with a peak in activity in the fall of 2019. While it’s been deployed against high-profile targets, including telecommunications representatives, government entities, and contractors in MENA and the EU, there is not enough evidence to attribute the malware to any known APT group or activity.