HackDig : Dig high-quality web security articles for hackers

ZIP With Comment, (Mon, Nov 21st)

2016-11-22 08:35

I got hold of a malicious document e-mailed inside a password protected ZIP file.

This time Im not going to write about the maldoc, but about the ZIP file. The password for the ZIP file was mentioned with instructions in the e-mail spammed to many recipients. Obviously this is done in an attempt to bypass detection by e-mail scanners, but with the hope that the recipients would follow the instructions and provide the password when the ZIP application asks for it.

Now I" />

And I hope you can help me with my question: what Windows application does display the ZIP comment by default when a ZIP file is opened?

I tried Windows Explorer, WinZip and 7-Zip, but without success.

If you have an idea, please post a comment.

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
NVISO

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Source: ssr;pma&73712=diyrots?lmth.yraid/ude.snas.csi

Read:4523 | Comments:0 | Tags:No Tag

“ZIP With Comment, (Mon, Nov 21st)”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud