MalwareLab on Nostr: LNK file with "Copy" command used as simple downloader for #Xworm #RAT and #AsyncRAT ...
LNK file with "Copy" command used as simple downloader for #Xworm #RAT and #AsyncRAT The source argument of copy command is the network location in this case, which effectively means that the remote BAT file is downloaded to the victim computer.
LNK files are often used for malicious purposes. For example, they can be the delivered as email attachments and can run malicious PowerShell commands. However, this one is demonstration of KISS principle - simple and stupid (or actually smart) usage of essential utility.
Ref: https://app.any.run/tasks/1cbca783-8323-474e-aa6a-ca655ed6637e/
#malware #malwareanalysis #lolbin #sandbox #AnyRun
LNK files are often used for malicious purposes. For example, they can be the delivered as email attachments and can run malicious PowerShell commands. However, this one is demonstration of KISS principle - simple and stupid (or actually smart) usage of essential utility.
Ref: https://app.any.run/tasks/1cbca783-8323-474e-aa6a-ca655ed6637e/
#malware #malwareanalysis #lolbin #sandbox #AnyRun