.. /.Appxbundle

Executable
Phishing
Native
Double Click

Author:

@TalenceSecurity

Description:

An .appxbundle is a collection of app and resource packages

OS:

Windows

Recommendation:

Monitor and / or disallow the use of "appxbundle" files

Resources:

https://github.com/executemalware/Malware-IOCs/blob/main/2021-11-04%20BazarLoader%20IOCs
https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-app-package--appx-or-appxbundle--servicing-command-line-options?view=windows-11

File Samples:

Contributions: