![]() Once the target user clicks on the attached ARJ file, it will decompress it and then reveal the contents, “ “.įile “” is an executable file disguising as a PDF. It was a moderately well known archiver during the 90s. ARJ stands for Archived by Robert Jung, which is a file archiver created by Robert K. The email sample contains an ARJ attachment. ![]() This domain is currently registered, and probably used for spamming purposes. ![]() It also uses more convincing social engineering tactics to lure the target.īased on the received header, the email originally came from petrostandingferpo.top. We recently came across spam samples disguised as a human resource (HR) email pertaining to employee’s benefits.Īnalyzing the email sample, the threat actor forged the sender’s email address so that it would look like the sample is an internal email.
0 Comments
Leave a Reply. |