Redaman is banking malware first noted in 2015 that targets recipients who conduct transactions using Russian financial institutions. We have found versions of Redaman in Russian language mass-distribution campaigns during the last four months of 2018. In this campaign, the Russian language malspam is addressed to Russian email recipients, often with email addresses ending in.ru. These emails have file attachments with. archive files disguised as a PDF document. The messages all have a common theme: they refer to a document or file for an alleged financial issue the recipient needs to resolve.”]
Source: https://unit42.paloaltonetworks.com/russian-language-malspam-pushing-redaman-banking-malware/

