A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit. The lure document was probably distributed through spear phishing emails as a resume from a person allegedly named Anadia Waleed At first, we believed it was targeting India but it is possible that the intended victims could be more widespread. The document uses template injection to download a remote template from the following URL:https://yenile[.]asia/YOOMANHOWYOUDARE/indexb.dotm.”]