A Peculiar MS-DOS Legacy Downloader Used in Phishing and Adware Campaigns
released on 2021-01-21 @ 05:33:18 PM
In a recent investigation, K7 Security Labs discovered a sample that is almost archaic and considered "legacy" in terms of the Tactics, Techniques and Procedures (TTPs) used, but that surprisingly executes fine on modern systems. This blog post is about one such sample that we noticed in our queue and analyzed. The sample, which was submitted to VirusTotal (VT) from South Korea, is a compiled MS-DOS executable that self-deletes, connects to a malicious site and downloads a file to infect the victim's system.