all InfoSec news
TA402 Group using Weaponized XLL and RAR Files to Deliver Malware
GBHackers On Security gbhackers.com
Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode. Most campaigns were using Dropbox links, which then evolved to using XLL and RAR file attachments to evade […]
The post TA402 Group using Weaponized XLL and RAR Files to Deliver Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber …
access campaign campaigns computer security deliver malware downloads dropbox entities files government initial access ironwind links malware north payload phishing phishing campaign rar rar files researchers shellcode ta402 xll