A series of phishing emails is directing recipients to packed executable files containing the BlotchyQuasar malware variant, allegedly developed by a threat group known as Hive0129. Several features of it were found to overlap with a malware called ProyectoRAT. IOCs associated with the attack campaign will help organizations in eliminating or blocking the threat.