The Department of Homeland Security (DHS) and the FBI issued a joint Technical alert on two strain on malware, the Joanap backdoor Trojan and Brambul Server Message Block worm. Joanap malware provides HIDDEN COBRA actors with the ability to exfiltrate data, drop and run secondary payloads, and run proxy communications on a compromised Windows device. Brambul is used as a service dynamic link library file or a portable executable file often dropped and installed onto target networks by dropper malware.”]
Source: https://securityaffairs.co/wordpress/73062/malware/hidden-cobra-malware.html