.. /.Rar

Phishing
Exploit
External
File Archiver

Author:

mr.d0x

Description:

RAR files are archived files having multiple files inside. It also compresses the files inside. It is often used by attackers to deliver malware.

OS:

Windows
Mac
Linux

Recommendation:

Monitor RAR files that are delivered as email attachments, especially if they are encrypted.

Resources:

https://research.checkpoint.com/2019/extracting-code-execution-from-winrar/

File Samples:

Contributions: