Attackers have targeted precision engineering companies in Italy with phishing that is difficult to spot. The final payload is a fileless trojan that harvests credentials. The spearphishing email was sent on October 26 to individuals in the sales department of the precision company. It had attached an Excel spreadsheet containing a list of spare parts identified with real catalog codes, quantities, and shipping addresses. The malware has a large list of locations to check, including registry keys for SSH clients (PuTTY, KiTTY) and email clients (IncrediMail, PostBox)
Source: https://www.bleepingcomputer.com/news/security/phishing-campaign-targets-precision-engineering-company/