I published the following diary on isc.sans.org: “Malware Delivered via Windows Installer Files“:
For some days, I collected a few samples of malicious MSI files. MSI files are Windows installer files that users can execute to install software on a Microsoft Windows system. Of course, you can replace “software†with “malwareâ€. MSI files look less suspicious and they could bypass simple filters based on file extensions like “(com|exe|dll|js|vbs|…)â€. They also look less dangerous because they are Composite Document Files… [Read more]
2 comments