TA402 Group using Weaponized XLL and RAR Files to Deliver Malware

Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode.  Most campaigns were using Dropbox links, which then evolved to using XLL and RAR file attachments to evade […]

The post TA402 Group using Weaponized XLL and RAR Files to Deliver Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

access campaign campaigns computer security deliver malware downloads dropbox entities files government initial access ironwind links malware north payload phishing phishing campaign rar rar files researchers shellcode ta402 xll