Hackers Target Middle East Governments with Evasive “CR4T” Backdoor

The starting point of the attack is a dropper, which comes in two variants — a regular dropper that’s either implemented as an executable or a DLL file and a tampered installer file for a legitimate tool named Total Commander.