Raspberry Robin and Dridex: Two Birds of a Feather
released on 2022-09-06 @ 02:49:25 PM
Raspberry Robin, also known as the QNAP worm, is typically delivered by a USB device, which contains a malicious Microsoft shortcut (.LNK) file. Once the user clicks on the .LNK file, it spawns a malicious command referencing msiexec.exe, a legitimate Windows system utility, to download and execute an MSI installer from a command and control (C2) domain