Creation of new, suspicious entries in "Run" or "RunOnce" folders.
Recommended Actions
The user manually extracts the file, often prompted by a social engineering lure in the email body.
A high-level info-stealer that captures keystrokes, screenshots, and credentials from web browsers and email clients [2].
Data stealers focused on harvesting sensitive information and form data.
Indicators of Compromise (IOCs)
Filename: sc22965-IEv1915341.rar
A tool used by attackers to gain full remote control of the victim's machine.
The extracted file acts as a "dropper," which connects to a Command and Control (C2) server to download the final payload.
If you received this file in an unsolicited email, delete it immediately without extracting the contents.