
China-linked LuminousMoth APT targets entities from Southeast Asia

Security Affairs

Threat actors were able to spread to other hosts through the use of USB drives; experts also noticed the deployment of a signed but fake version of the Zoom application, which was data-stealing malware. “The archive contains two malicious DLL libraries as well as two legitimate executables that sideload the DLL files.


Enigma info-stealing malware targets the cryptocurrency industry

Security Affairs

The attack chain starts with phishing emails or social media messages distributing a RAR archive. The archive contains two files, Interview questions.txt and Interview conditions.word.exe. The files pose as interview materials for a fake cryptocurrency role or job opening. Stolen data are exfiltrated through Telegram.


Recently fixed WinRAR bug actively exploited in the wild

Security Affairs

The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially crafted file archive. The issue affects a third-party library called UNACEV2.DLL that is used by WinRAR; it resides in the way an old third-party library, called UNACEV2.DLL,


Dissecting the latest Ursnif DHL-Themed Campaign

Security Affairs

The script execution displays a harmless “FedEx” brochure in PDF format on screen to decoy the victim; meanwhile it downloads and extracts a PE32 executable file from a CAB archive hosted on a compromised Chinese website. Figure 4: PDF downloaded from the internet and shown to the user. The second stage.


New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Security Affairs

The macro contained inside the document is quite minimal and does not contain dead code or other anti-analysis techniques, apart from the random-looking variable naming. The VBS macro snippet contacts the “cloudservices-archive.]best” Figure 3: Extracted Macro. Code Snippet 4. Figure 13: Track of the set registry key.


[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

File name: patent-2019-02-20T093A283A05-1.xls Figure 7: Language used by crooks to name the visible xls sheet. XLS is a Compound Document File (CDF or CF) or Object Linking and Embedding (OLE) file. Figure 8 below shows the structure of the xls file. File name: 68131_46_20190219.doc


Visual Cues and Clues: Born-Digital Photographs and their Metadata

Unwritten Record

It means the files themselves were created and exist only in digital form, taken by a digital camera. The Still Picture Branch at the National Archives and Records Administration (NARA) accessions new photographic records from various Government agencies every year. Accessing File Metadata on a PC.