Windows Help File Distributes AsyncRAT
Microsoft Windows help files (*.chm) were used to distribute variants of the AsyncRAT remote access trojan.
The infection process started with the user executing the chm file causing a blank help window to pop-up while malicious scripts were executed, and the RAT was downloaded from a remote server.
The payload exfiltrated sensitive data over SMTP to the actor's command-and-control servers.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe