July 10, 2024, 12:21 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

1. Overview


AhnLab SEcurity intelligence Center (ASEC) covered cases of AsyncRAT being distributed via various file extensions (.chm, .wsf, and .lnk). [1] [2]


In the aforementioned blog posts, it can be seen that the threat actor used normal document files disguised as questionnaires to conceal the malware. In a similar vein, there have been cases recently where the malware was disguised as an ebook.



Figure 1. An ebook being distributed with the malware

2. Malware Executed via Scripts …

actor ahnlab asec asyncrat blog blog posts can cases center chm conceal disguised distributed distribution document ebook extensions file files intelligence lnk malware malware analysis normal posts security security intelligence threat threat actor vein wsf

Journeyman Software Developer

@ Leidos | 6314 Remote/Teleworker US

Customer Assurance Analyst

@ London Stock Exchange Group | POL-Gdynia-3T Office Park, Tower C

Risk Consulting - Protect Tech - Senior -ERP Controls

@ EY | Bengaluru, KA, IN, 560016

ITGC Senior

@ EY | Hyderabad, TG, IN, 500081

Technology Risk Officer

@ State Street | Quincy, Massachusetts

Sr. Risk Manager, Data Risk Governance

@ KeyBank | For Those Who Work At Home, OH