Malicious ISO Embedded in an HTML Page (Fri, Jan 28th)

I spotted an interesting phishing email. As usual, the message was delivered with a malicious attachment: a simple HTML page called “Order_Receipt.html” (SHA256: a0989ec9ad1b74c5e8dedca4a02dcbb06abdd86ec05d1712bfc560bf209e3b39) with a low VT score of 5/59[1]! This is a text file and, therefore, looks less suspicious. When the page is opened in the victim’s browser, it displays a simple message and offers the victim an ISO file to download.
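A defender-side check for attachments like this one, added here as an example and not taken from the original post: it scans an HTML file for a base64 run that decodes to an ISO 9660 image. The base64 encoding, the function names and the sample page are assumptions; the post does not show how the ISO is embedded.

```python
import base64
import re

ISO_MAGIC = b"CD001"        # ISO 9660 volume descriptor identifier
ISO_MAGIC_OFFSET = 0x8001   # sector 16 (16 * 2048 bytes) plus the 1-byte type field
# Number of base64 characters needed to cover the bytes up to the end of the magic.
PREFIX_CHARS = -(-(ISO_MAGIC_OFFSET + len(ISO_MAGIC)) // 3) * 4
# Assumption: the image is stored as one unbroken base64 string in the page.
# Payloads split across several strings or otherwise encoded are not matched.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{%d,}" % PREFIX_CHARS)


def find_embedded_isos(html: str):
    """Return (offset_in_html, approx_decoded_size) for each base64 run
    whose decoded bytes carry the ISO 9660 signature."""
    hits = []
    for match in B64_RUN.finditer(html):
        run = match.group(0)
        # Decode only the prefix that covers the signature; PREFIX_CHARS is a
        # multiple of 4, so no padding is required.
        head = base64.b64decode(run[:PREFIX_CHARS])
        end = ISO_MAGIC_OFFSET + len(ISO_MAGIC)
        if head[ISO_MAGIC_OFFSET:end] == ISO_MAGIC:
            hits.append((match.start(), len(run) * 3 // 4))
    return hits


def build_sample_html() -> str:
    """Constructed test input: a zero-filled 18-sector image with only the
    primary volume descriptor header set, base64-encoded inside a script tag."""
    descriptor = b"\x01" + ISO_MAGIC + b"\x01" + bytes(2048 - 7)
    image = bytes(16 * 2048) + descriptor + bytes(2048)
    encoded = base64.b64encode(image).decode("ascii")
    return '<html><body><script>var data="' + encoded + '";</script></body></html>'


if __name__ == "__main__":
    for offset, size in find_embedded_isos(build_sample_html()):
        print(f"ISO 9660 image embedded at offset {offset}, about {size} bytes")
```

A hit on an e-mailed HTML attachment is a reason to quarantine it and inspect the decoded image in an isolated environment.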
