InvisiMole has been active at least since 2013 in connection with targeted cyber-espionage operations in Ukraine and Russia. ESET researchers conducted an investigation of these attacks in cooperation with the affected organizations. The feature-rich spyware, dubbed RC2FM and RC2CL, was found to be capable of making system changes, scanning wireless networks to track the geolocation of victims, gathering user information, and uploading sensitive files located in the compromised machine. The malware leverages a new TCS downloader to download additional modules and a DNS downloader.
Source: https://thehackernews.com/2020/06/invisimole-hackers.html