New self extracting package created via iexpress.exe

Intel Name: New self extracting package created via iexpress.exe

Date of Scan: December 2, 2024

Impact: Medium

Summary:
Detects the use of the “iexpress.exe” utility to create self-extracting packages. Attackers have been observed leveraging “iexpress” to dynamically compile packages using “.sed” files. Investigate the command-line options passed to “iexpress,” and if a “.sed” file is involved, review its contents and verify its legitimacy.

More Details