Social Engineering / Potential Info-Stealer or Downloader. 3. Delivery & Social Engineering (The Lure) The attacker uses a "double-hook" strategy:
This report covers the analysis of a suspicious archive file, PayPal-Zolii-FinalFantasy (1).zip . The file is part of a social engineering campaign that uses trusted brand names (PayPal) and popular media (Final Fantasy) to trick users into executing malicious content. File Name: PayPal-Zolii-FinalFantasy (1).zip Format: Compressed ZIP Archive PayPal-Zolii-FinalFantasy (1).zip
A local .html file that mimics a PayPal login screen to harvest credentials. 5. Recommended Actions Social Engineering / Potential Info-Stealer or Downloader
If executed, scan the system for new registry keys in HKCU\Software\Microsoft\Windows\CurrentVersion\Run . The file is part of a social engineering
If you have not done so, avoid opening the archive.
Targets gamers or individuals interested in digital goods, possibly mimicking a purchase confirmation for a game or DLC.