https://www.bleepingcomputer.com/news/security/hacker-uses-new-rat-malware-in-cuba-ransomware-attacks/

A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool.

The threat actor was named ‘Tropical Scorpius’ by researchers at Palo Alto Networks Unit 42 and is likely an affiliate of the Cuba ransomware operation.