Adds itself to the Windows Registry "Run" keys to ensure it starts every time the computer boots .
Sends the stolen data to a Command and Control (C2) server managed by the attacker. HotTubManual.rar
Based on similar campaigns, this file likely performs the following actions: Adds itself to the Windows Registry "Run" keys
Perform a full system scan using a reputable antivirus or Endpoint Detection and Response (EDR) tool. HotTubManual.rar
The subject line is a known indicator of a phishing campaign typically used to deliver malware, such as Information Stealers or Remote Access Trojans (RATs). Attackers use mundane, "helpful" file names to bypass a user's natural suspicion. Executive Summary