April_10-04-2022.7z Info

: Used "thread hijacking" (replying to old email chains). File Name : Followed the pattern [Month]_[Date]-[Year].7z . Lure : Contained a malicious .lnk or .vbs file inside. 📝 Recommended Blog Coverage

The most detailed technical breakdown of this specific file naming convention and campaign can be found on these cybersecurity blogs: 1. SANS Internet Storm Center (ISC) APRIL_10-04-2022.7z

: The password was usually provided in the email body, making the user feel "secure" while actually helping the malware bypass the gateway. : Used "thread hijacking" (replying to old email chains)