It’s worth noting that the use of SVG files inside HTML containing base64-obfuscated code isn’t new. The same technique was observed in malspam delivering Qbot malware in December 2022.