.. /.Rar

Phishing
File Archiver

Contributors:

mr.d0x

Description:

RAR files are archived files having multiple files inside. It also compresses the files inside. It is often used by attackers to deliver malware.

OS:

Windows
Mac
Linux

Recommendation:

Monitor RAR files that are delivered as email attachments, especially if they are encrypted.

Resources:

https://research.checkpoint.com/2019/extracting-code-execution-from-winrar/

File Samples: