A highly relevant and detailed article on this topic is: by The Hacker News. Key Highlights of the Campaign:
The goal is espionage, aiming to drop malware, including the HeadSign backdoor, to steal information from compromised systems. sc23902-IN.part2.rar
For detection and mitigation strategies, this blog post from SOC Prime offers useful information. If you're investigating this threat, I can help by finding: of the payload YARA rules for detection Information on the WinRAR vulnerability involved A highly relevant and detailed article on this