Forum Discussion
pbaratta
May 29, 2019 - Brass Contributor
Malware not detected (but it should)
Some days ago a colleague received an email (O365 ATP protected) and clicked the link inside. The link caused a zip file to be downloaded; the zip contained 2 files, a shortcut and an XML file ...
rstgermain
May 29, 2019 - Copper Contributor
pbaratta Yeah, this is somewhat concerning. I half replicated what you posted. Created a shortcut with the scheduled task command line and zipped it up. Uploaded to Google Drive, downloaded it, then executed.
- explorer.exe
-- chrome.exe
--- WinRAR.exe
---- schtasks.exe
Uhh yeah, that does not look legitimate.
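The process chain in the post above can be checked as a lineage rule. The following is an added example, not part of the thread and not Microsoft's detection logic: it walks constructed process-creation records and flags schtasks.exe when an archive tool launched from a browser is among its ancestors. The record fields (pid, ppid, image) and the process-name sets are assumptions.

```python
# Added example: flag schtasks.exe descended from an archive tool that a browser launched.
# Record fields (pid, ppid, image) and the name sets below are assumptions, not a product schema.

BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "iexplore.exe"}
ARCHIVERS = {"winrar.exe", "7zfm.exe", "7zg.exe", "winzip32.exe", "winzip64.exe"}
TARGETS = {"schtasks.exe"}

# Constructed sample events mirroring the tree in the post, plus a benign schtasks run.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe"},
    {"pid": 300, "ppid": 200, "image": r"C:\Program Files\WinRAR\WinRAR.exe"},
    {"pid": 400, "ppid": 300, "image": r"C:\Windows\System32\schtasks.exe"},
    {"pid": 500, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 600, "ppid": 500, "image": r"C:\Windows\System32\schtasks.exe"},
]

def basename(image):
    """Lower-cased file name of a Windows image path."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def ancestry(pid, by_pid, max_depth=32):
    """Return image names from the process up to the root, child first."""
    chain, seen = [], set()
    while pid in by_pid and pid not in seen and len(chain) < max_depth:
        seen.add(pid)  # stops on parent loops in malformed or PID-reused data
        chain.append(basename(by_pid[pid]["image"]))
        pid = by_pid[pid]["ppid"]
    return chain

def find_suspicious(events):
    """Return schtasks.exe launches whose lineage is browser > archiver > ... > schtasks."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        chain = ancestry(e["pid"], by_pid)
        if not chain or chain[0] not in TARGETS:
            continue
        parents = chain[1:]
        for i, name in enumerate(parents):
            # the archive tool must itself sit below a browser in the lineage
            if name in ARCHIVERS and any(p in BROWSERS for p in parents[i + 1:]):
                hits.append({"pid": e["pid"], "chain": " > ".join(reversed(chain))})
                break
    return hits

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_EVENTS):
        print(hit)
```

On real telemetry, key the lookup on a unique process identifier (PID plus start time, or a process GUID) rather than the bare PID, since PIDs are reused.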
pbaratta
May 30, 2019 - Brass Contributor
Hopefully we'll have feedback from Microsoft.