all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious .crx file download

Add to bookmarks
Oct. 17, 2022, 12:59 p.m. | /u/DyingWorld72

Malware Analysis & Reports www.reddit.com

Over the past week we’ve seen a new TTP in our environment. There is a phish/download link that will download a .crx that contains a .zip that auto executes when the .crx file is opened.

The .zip mounts a .iso and executes a encrypted .bat.

The malware shares signatures of Qbot.

The interesting part is the file is downloaded from a Microsoft server and the c2 is behind a google api call out.

I’ll add more details later as I’m …

download malicious malware

Visit resource

More from www.reddit.com / Malware Analysis & Reports

Are hidden incoming SMS common for C&C? 2 days, 19 hours ago | www.reddit.com
account android android malware carrier +12
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 2 days, 22 hours ago | www.reddit.com
attackers clusters critical exploiting +5
A Powerful tracing engine based on Qemu 1 week ago | www.reddit.com
binary called can case +20
[Fixed] Coding The Rat King: A Multi-Family Malware Configuration Parser 1 week, 1 day ago | www.reddit.com
code coding configuration family +5
Dynamic Malware Analysis of Konni RAT Malware APT37 With Any.Run 2 weeks ago | www.reddit.com
advanced amp analysis any.run +22
All Youtube videos contain miniature windows of disruptive content 2 weeks, 2 days ago | www.reddit.com
goes interest malware play +7
Malware: Research shows that SpyLoan Apps have entered Tanzania and is exploiting Tanzanian Citizens. 2 weeks, 2 days ago | www.reddit.com
apps blackmail china cloud +15
⚠️ #Konni #APT LNK trickery: hiding multiple files in oversized LNK files 2 weeks, 3 days ago | www.reddit.com
apt files konni lnk +2
Advanced Topics For Malware Analysis and RE 2 weeks, 5 days ago | www.reddit.com
advanced analysis asm basics +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Network Security Engineer

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior Director of Foundation Relations, Johns Hopkins University & Medicine

@ Johns Hopkins University | Baltimore, MD, United States, 21209
View on infosec-jobs.com

Global Cybersecurity Head

@ CMA CGM | Marseille, FR
View on infosec-jobs.com

Cyber Security Analyst

@ QinetiQ US | Reston, VA, United States
View on infosec-jobs.com
View more jobs