I published the following diary on isc.sans.edu: “CinaRAT Delivered Through HTML ID Attributes“:
A few days ago, I wrote a diary about a malicious ISO file being dropped via a simple HTML file. I found another sample that again drops a malicious ISO file but this time, it is much more obfuscated and the VT score is… 0! Yes, not detected by any antivirus solution… [Read more]