New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Blackpoint says Avalon uses Proton Drive, ISO images, LNK files, and MSBuild to disable ETW, steal credentials, and deploy CrownX ransomware.
More info
