A bit of a strange one to start off today. The word doc doesn’t want to run or run properly in most of the online sandboxes available to me. An email with the subject of “Alert! Shipment Notification” pretending to come from DHL but actually coming from DhlExpress <dhl@paperattention.com> with a malicious word doc delivering Remcos Rat. The macro is quite different to many previous ones that I have seen and very highly obfuscated and encoded, making it difficult to manually analyse. To make sure you get the malware, the email has a word attachment and a link to download … Continue reading →
The post Fake DHL “Alert! Shipment Notification” delivers Remcos RAT appeared first on My Online Security.