DarkCloud Stealer is targeting financial firms via phishing emails with malicious RAR attachments, using MSBuild.exe injection and a PowerShell-downloaded JPG to decrypt an embedded .NET file and steal credentials from email, FTP, and browsers. More https://www.cyberproof.com/blog/darkcloud-stealer-targets-financial-organizations/
