ESET: “Operation Spalax” targeted Colombian government institutions and private companies in the energy and metallurgical industries. The attacks began in 2020, with the modus operandi sharing some similarities to an APT group targeting the country since at least April 2018. The two campaigns diverge in the attachments used for phishing emails, the remote access trojans deployed, and the C2 infrastructure employed to fetch the malware dropped. The attack chain begins with the download of malicious files, which are RAR archives hosted on OneDrive or MediaFire.
Source: https://thehackernews.com/2021/01/experts-uncover-malware-attacks-against.html