The Evilnum APT group mostly targets victims from the UK and EU, but this time they do attack some victims from Australia and Canada. The group mainly uses spear-phishing emails to bypass all the ill-disposed files as scans of service bills, credit cards, driving licenses, and driving licenses. Experts affirmed that Evilnum had been detected using attack elements that are scripted in JavaScript and C#; they also use various tools from malware-as-a-service provider Golden Chickens.”]
Source: https://gbhackers.com/evilnum-apt-used-python-based-rat-pyvil-tool/