RedCurl Group Leverages Windows Component for Cyber Espionage

The attack chain involves phishing emails with malicious attachments, the use of curl and Program Compatibility Assistant (PCA) in Windows to deliver and execute malicious payloads, and unauthorized command execution using Impacket.