Source |
SANS Institute |
Identifiant |
7818720 |
Date de publication |
2022-11-04 07:08:23 (vue: 2022-11-04 09:05:48) |
Titre |
Remcos Downloader with Unicode Obfuscation, (Fri, Nov 4th) |
Texte |
I spotted a malicious RAR archive that contained a VBS script. It was called “Unidad judicial citacion pendiente Fiscalia.rar†and protected with a simple 4-numbers password to defeat automatic scanning. Inside, the VBS script has the same name. Both are unknown to VT.
|
Envoyé |
Oui |
Condensat |
“unidad 4th archive are automatic both called citacion contained defeat downloader fiscalia fri has inside judicial malicious name nov numbers obfuscation password pendiente protected rar rar†remcos same scanning script simple spotted unicode unknown vbs |
Tags |
|
Stories |
|
Notes |
|
Move |
|