LD-Deceptive Mail Detected

March 17, 2026

SOC, SIEM, EDR, Log Analysis, Phishing, AsyncRAT, Escalation to L2, True Positive, VirusTotal, AbuseIPDB

A phishing email with a password-protected ZIP delivered AsyncRAT via a SILENTBUILDER dropper. The victim executed the payload, establishing an active C2 channel and triggering full host reconnaissance before containment.