AgentTesla Being Distributed Through Windows Help File (*.chm)
The ASEC analysis team recently discovered AgentTesla being distributed with a new method. Previously, AgentTesla discussed in multiple ASEC blog posts was distributed by the malicious VBA macro inside PowerPoint files (*.ppt). However, the new method uses Windows Help files (*.chm) to run powershell commands. AgentTesla Being Distributed via More
Malicious Help File Disguised as COVID-19 Infectee Notice Being Distributed in Korea
The ASEC analysis team introduced readers to malware that takes the form of a Windows help file (*.chm) about two weeks ago. The malicious CHM file that was recently discovered is disguised as a notice for people infected with COVID-19 and is being distributed to Korean users. The attacker is
APT Attack Being Distributed as Windows Help File (*.chm)
The ASEC analysis team has recently discovered the distribution of malware disguised as a Windows Help File (*.chm), specifically targeting Korean users. The CHM file is a compiled HTML Help file that is executed via the Microsoft® HTML help executable program. The recently discovered CHM file downloads additional malicious files
