Researchers publish details of FIN7 Hacking Group’s JSSloader Remote Access Trojan. FIN7 is suspected of using JSS loader during several campaigns, but details about the malware have been elusive. The attack starts with a phishing email that downloads a VBScript, according to the Morphisec Labs report. JSSLoader can collect information about the compromised device, including hostname, domain name, username, running processes, and system information such as patches, desktop files, Active Directory information, logical drives and network information.”]
Source: https://www.cuinfosecurity.com/researchers-disclose-details-fin7-hacking-groups-malware-a-15703