all InfoSec news
Malware Being Distributed Disguised as a Job Application Letter
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center (ASEC) has identified that malware disguised as a job application letter is continuously being distributed. This malware is equipped with a feature that checks for the presence of various antivirus processes including a process with AhnLab’s product name (V3Lite.exe) and is being distributed through malicious URLs designed to resemble a Korean job-seeking website. Below are the discovered download URLs.
- hxxps://manage.albamon[.]info/download/20230201good001/%EC<omitted>_%EC%9E%85%EC%82%AC%EC%A7%80%EC%9B%90%EC%84%9C.hwp.scr
- hxxps://manage.albamon[.]live/23_05_15_05/%EC%<omitted>_%EC%9E%85%EC%82%AC%EC%A7%80%EC%9B%90%EC%84%9C.hwp.scr
- hxxps://manage.albamon[.]live/23_05_22_Fighting_ok/%EC<omitted>_%EC%9E%85%EC%82%AC%EC%A7%80%EC%9B%90%EC%84%9C.hwp.scr
Figure 1. Downloaded file
The malicious file downloaded from the above URLs has …
ahnlab antivirus application asec center distributed emergency job job application letter letter malicious malicious urls malware malware analysis name process processes product response security urls