I published the following diary on isc.sans.edu: “CinaRAT Delivered Through HTML ID Attributes“:
A few days ago, I wrote a diary about a malicious ISO file being dropped via a simple HTML file. I found another sample that again drops a malicious ISO file but this time, it is much more obfuscated and the VT score is… 0! Yes, not detected by any antivirus solution… [Read more]
![](https://blog.rootshell.be/wp-content/uploads/2022/02/isc-20220211-1-1024x225.png)