Remcos RAT activity

Intel Name: Remcos RAT activity

Date of Scan: March 12, 2025

Impact: High

Summary:
Email continues to be a common method for malware distribution, with most malicious messages intercepted by spam traps and security filters. Threat actors constantly adapt their techniques to bypass these defenses, including altering file extensions for attached zip archives. In this case, the email contained a zip archive disguised with a 7-Zip file extension. On a Windows 11 system, File Manager successfully extracted the malware despite the archive using a .7z extension and 7-Zip not being installed.
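
A mail-gateway or triage check for the mismatch described above, as an added example that is not part of the original report: it compares an attachment's extension with the container type indicated by its leading magic bytes and lists archive members with executable-style extensions. The function names, the `RISKY_MEMBERS` list and the sample attachment are assumptions constructed for illustration.

```python
import io
import zipfile

# Leading magic bytes of common archive containers.
MAGIC = {
    b"PK\x03\x04": "zip",
    b"PK\x05\x06": "zip",            # empty zip archive
    b"7z\xbc\xaf\x27\x1c": "7z",
    b"Rar!\x1a\x07": "rar",
    b"\x1f\x8b": "gz",
}
# Container type each extension claims to be.
EXPECTED = {".zip": "zip", ".7z": "7z", ".rar": "rar", ".gz": "gz"}
# Assumed list of member extensions worth flagging during triage.
RISKY_MEMBERS = (".exe", ".scr", ".bat", ".cmd", ".js", ".vbs", ".lnk")


def sniff(data: bytes) -> str:
    """Return the container type indicated by the file's first bytes."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def check_attachment(filename: str, data: bytes) -> dict:
    """Compare the claimed (extension) and actual (magic) container types."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    claimed, actual = EXPECTED.get(ext), sniff(data)
    finding = {"filename": filename, "claimed": claimed, "actual": actual,
               "mismatch": claimed is not None and actual != claimed,
               "risky_members": []}
    if actual == "zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                finding["risky_members"] = [
                    n for n in zf.namelist() if n.lower().endswith(RISKY_MEMBERS)]
        except zipfile.BadZipFile:
            finding["risky_members"] = ["<unreadable zip>"]
    return finding


def build_sample_zip(member: str) -> bytes:
    """Constructed sample: a zip holding one harmless placeholder file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed placeholder, not malware")
    return buf.getvalue()


if __name__ == "__main__":
    print(check_attachment("invoice.7z", build_sample_zip("invoice.exe")))
```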
