Iron Castle Systems

Search

Skip to content

VMware
AWS
Powershell
Security
Projects
Misc.
Client Access
About

Search for:

Infostealer Malware with Double Extension, (Sun, Dec 18th)

December 18, 2022 David Leave a comment

This post was originally published on this site

Got this file attachment this week pretending to be from HSBC Global Payments and Cash Management. The attachment payment_copy.pdf.z is a rar archive, kind of unusual with this type of file archive but when extracted, it comes out as a double extension with pdf.exe. The file is a trojan infostealer and detected by multiple scanning engines.

Post navigation

Previous PostCyberChef & Entropy, (Sat, Dec 17th)Next PostHunting for Mastondon Servers, (Mon, Dec 19th)

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

VMware

Moving VM between different ESXi versions March 23, 2023
Driver of RAID controller March 22, 2023
Authentication issues (SSH works but not ESXi direct web client) March 22, 2023
configure CPU Mask March 22, 2023
Unable to download ESXI 7.0 March 22, 2023

SANS Security

ISC Stormcast For Thursday, March 23rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8422, (Thu, Mar 23rd) March 23, 2023
Windows 11 Snipping Tool Privacy Bug: Inspecting PNG Files, (Wed, Mar 22nd) March 22, 2023
ISC Stormcast For Wednesday, March 22nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8420, (Wed, Mar 22nd) March 22, 2023
String Obfuscation: Character Pair Reversal, (Tue, Mar 21st) March 21, 2023
ISC Stormcast For Tuesday, March 21st, 2023 https://isc.sans.edu/podcastdetail.html?id=8418, (Tue, Mar 21st) March 21, 2023

AWS

AWS Clean Rooms Now Generally Available — Collaborate with Your Partners without Sharing Raw Data March 21, 2023
AWS Week in Review – March 20, 2023 March 21, 2023
AWS Chatbot Now Integrates With Microsoft Teams March 16, 2023
Amazon Linux 2023, a Cloud-Optimized Linux Distribution with Long-Term Support March 15, 2023
Celebrate Amazon S3’s 17th birthday at AWS Pi Day 2023 March 14, 2023

Microsoft

Microsoft creates new opportunities for partners through AI offerings and expansion of Microsoft Cloud Partner Program March 22, 2023
Create images with your words – Bing Image Creator comes to the new Bing March 21, 2023
Breaking new ground in healthcare with the next evolution of AI March 20, 2023
Prompts for communicators using the new AI-powered Bing March 16, 2023
Introducing Microsoft 365 Copilot – your copilot for work March 16, 2023

Iron Castle Systems

Tag Cloud

AWS
Microsoft
Powershell
SANS
Security
Virtualization
VMware

Recent Posts

Cropping and Redacting Images Safely, (Thu, Mar 23rd) March 23, 2023
Windows 11 Snipping Tool Privacy Bug: Inspecting PNG Files, (Wed, Mar 22nd) March 22, 2023
AWS Clean Rooms Now Generally Available — Collaborate with Your Partners without Sharing Raw Data March 21, 2023
String Obfuscation: Character Pair Reversal, (Tue, Mar 21st) March 21, 2023
From Phishing Kit To Telegram… or Not!, (Mon, Mar 20th) March 20, 2023

Archives

Iron Castle System info@ironcastle.net Proudly powered by WordPress Theme - twentyfourteen

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage vendors Read more about these purposes

View preferences

{title} {title} {title}