Simultaneously, the page initiates the download of a WSF (Windows Script File), setting into motion a potentially perilous sequence of events. Upon unwittingly opening the HTML page, an automatic download of a Windows Script File (WSF) ensues.
Disclaimer: This article is part of X-Force OSINT Advisories automated collection to enable faster integration of open-source articles to client environments. All credit and copyright goes to the original authors.
Sample Indicators of Compromise:
909ec84dfa3f2a00431a20d4b8a241f2959cac2ea402692fd46f4b7dbf247e90http://142.202.240.40:222/1.txtdaee41645adcf22576def12cb42576a07ed5f181a71d3f241c2c14271aad308bhttp://142.202.240.40:222/r.jpga0c40aa214cb28caaf1a2f5db136bb079780f05cba50e84bbaeed101f0de7fb3
