Initial compromise is the method that is adopted by intruders to enter into the targetted networks. Generally APTI\'s use spear phishing attack for this purpose. Spear phishing is an email that appears to be from an individual or business that is well known to us. But infact it is not. It is from some criminal hackers who want your confidential information such as: credit card and bank account numbers, passwords, and other financial information on your PC. Spear phishing can be used by the attacker to target any individual by sending him a malicious mail that contains content which relates to his recent happenings in life. This mail will appear to the receiver as if it has come from the legitimate friend or relative of him. This might also resemble as a mail sent by the recipient\'s boss who demands him to submit a file immediately. Composing mails in such a way would tempt the receiver in responding before suspecting. Thus, allowing himself to be a victim. Responding to those mails might allow some backdoors to enter into his machine and silently monitors his financial transactions in order to capture the bank account details, passwords etc. According to the refered document, malicious ZIP file named “Internal_Discussion_Press_Release_In_Next_Week8.zip” is the payload. This file contained a malicious executable that installs a custom APT1 backdoor that we call WEBC2-TABLE Solution Initial compromise is the method that is adopted by intruders to enter into the targetted networks. Generally APTI\'s use spear phishing attack for this purpose. Spear phishing is an email that appears to be from an individual or business that is well known to us. But infact it is not. It is from some criminal hackers who want your confidential information such as: credit card and bank account numbers, passwords, and other financial information on your PC. Spear phishing can be used by the attacker to target any individual by sending him a malicious mail that contains content which relates to his recent happenings in life. This mail will appear to the receiver as if it has come from the legitimate friend or relative of him. This might also resemble as a mail sent by the recipient\'s boss who demands him to submit a file immediately. Composing mails in such a way would tempt the receiver in responding before suspecting. Thus, allowing himself to be a victim. Responding to those mails might allow some backdoors to enter into his machine and silently monitors his financial transactions in order to capture the bank account details, passwords etc. According to the refered document, malicious ZIP file named “Internal_Discussion_Press_Release_In_Next_Week8.zip” is the payload. This file contained a malicious executable that installs a custom APT1 backdoor that we call WEBC2-TABLE.