.. /.Mht

Phishing
Script
Double Click

Contributors:

mr.d0x

Description:

MHT is a webpage saved by a browser. They are often used by attackers to spoof a webpage or execute JavaScript.

OS:

Windows

Recommendation:

Block the download of MHT files when delivered through email and change the default application for MHT files to a text editor such as Notepad.

Resources:

https://isc.sans.edu/forums/diary/Malware+Delivered+Through+MHT+Files/24096/

File Samples: