Malware
EagerBee
aka Thumtais
According to Elastic, EagerBee loads additional capabilities using remotely-downloaded PE files, hosted in C2.
EagerBee, also known as Thumtais, is a Windows malware family.
Background
Elastic reports that EagerBee extends its functionality by pulling in PE files downloaded from its C2 at runtime. Its code and implementation, however, point to a less skilled author who leans on rudimentary techniques. Elastic's analysis also found string formatting and behavior consistent with earlier work attributed to the Chinese-speaking actor known as LuckyMouse (APT27, EmissaryPanda).
Source: Malpedia (Fraunhofer FKIE).