TA505 is a prolific cybercriminal group known for its attacks against multiple financial institutions and retail companies using malicious spam campaigns and different malware. In the group’s latest campaign, they deploy the Get2 Downloader via Office Template Macros which leads to the malware. This also allow threat actors to gain access to the compromised network, providing opportunities to steal financial data or install ransomware. This is an active campaign expected to target financial institutions around the world. This threat actor has been highly active in the wild since the second quarter of 2020. TA505 aka EvilCorp is found consistently targeting financial institutions around the world. Every week, fresher IoCs are discovered related to this threat group.