CinaRAT Delivered Through HTML ID Attributes, (Fri, Feb 11th)

A few days ago, I wrote a diary about a malicious ISO file being dropped via a simple HTML file[1]. I found another sample that again drops a malicious ISO file but this time, it is much more obfuscated and the VT score is… 0! Yes, not detected by any antivirus solution! (SHA256:ef579d9bf2dba387c3be9effa09258902c4833dfb7634f4ed804d96e8849da74)

Article Link: https://isc.sans.edu/diary/rss/28330