Spear-phishing with malicious ZIP/LNK attachments
DLL Sideloading (specifically targeting on-screen keyboard processes)
Trident Side-loading
Cloud Service C2 (OneDrive, Dropbox, Yandex)
Supply Chain Compromise
Custom Backdoors (ANEL, LODEINFO, NOOPDOOR)
Credential Stealing (MirrorStealer)
Wiper Malware (PathWiper)
Privilege Escalation