A widespread malware campaign is leveraging compromised WhatsApp accounts to distribute malicious VBScript files disguised as financial documents. The multi-stage infection chain abuses legitimate Windows utilities to download payloads, attempts to bypass UAC via registry modifications, and ultimately deploys a preconfigured ManageEngine Endpoint Central RMM agent to establish persistent remote access.