Threat Group – BatShadow Group
Threat Type – Multi-stage info-stealer and remote access bot
Exploited Vulnerabilities – Social engineering, the Windows default “hide known file extensions” setting, LNK-launched encoded PowerShell, abuse of legitimate remote access software for persistence
Malware Used – Vampire Bot (Go-compiled)
Threat Score – 7.6 🔴 High — Multi-stage chain with LNK→PowerShell execution, behaviour-evasive