A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.