.. /.7z

Phishing
Exploit
External
File Archiver

Author:

mr.d0x

Description:

7Z files are archives that can contain multiple files. They can be used to hide and encrypt malware inside the archive. The 7-Zip utility is also known for the serious remote code execution vulnerability CVE-2018-10115.

OS:

Windows
Mac
Linux

Recommendation:

Ensure 7-Zip is patched for CVE-2018-10115, and monitor incoming 7Z files that are delivered as email attachments, especially if they are encrypted.

Resources:

https://borncity.com/win/2018/02/21/security-risk-avoid-7-zip/

File Samples:

Contributions: