Welcome to Source Code: Decipher’s behind the scenes look at the weekly news with input from our sources. Topping the news this week, researchers detailed a ransomware operator that has repeatedly rebranded itself in order to evade detection. Also making headlines is a threat group’s use of a unique RAT, which can communicate directly with other compromised hosts via a peer-to-peer network. Finally, researchers are warning of a new phishing attack technique that leverages a legitimate RTF template functionality.