MALWARE-CNC Win.Trojan.Autophyte RAT variant outbound connection
This event is generated when an infected internal machine accesses Autophyte's Command and Control servers outside the network.
Autophyte is a remote administration tool believed to be built and run by the Lazarus Group. It is used to collect victim data and potentially drop additional malware.
Ease of attack
Please follow corporate mitigation procedures.