Countercept by MWR has discovered a new RAT dubbed Luminosity – that leverages the use of the AutoIt script tool. The malware was first seen in 2015 and contains features from a tool provided by the company LuminosityLink. Its key features include key logging, password recovery, RDP and the ability to manage files on the infected system. A reflective DLL load had been observed in the legitimate Microsoft regsvcs.exe process, which had been launched by the. AutoIt is a legitimate. script binary that is not malicious by nature.”]

