Catching the Big Phish: Earth Preta's Long-term Stealthy Campaign
We have been monitoring a wave of spear-phishing attacks targeting the government, academic, foundation, and research sectors around the world, which began in March 2022. The seemingly wide outbreak of targeted attacks includes, but is not limited to, Myanmar, Australia, the Philippines, Japan and Taiwan. The observed malware families, such as TONEINS, TONESHELL and PUBLOAD, can be attributed to a notorious advanced persistent threat (APT) group called Earth Preta (also known as Mustang Panda and Bronze President). Since January 2023, we have found more previously undisclosed malware being used in this campaign, and we have also observed the actors actively changing their TTPs to bypass security solutions. In particular, we found some interesting tools used for exfiltration. In this presentation, we will introduce the technical details of this campaign.