Use the infected machine as a bridge to launch further attacks within a network.
: The use of the .7z extension (7-Zip) is a common tactic for evading legacy email security filters that may only scan standard .zip files. Canadian_Maple.7z
: Upon extraction, the archive usually contains a malicious executable or a script (such as a .vbs or .js file). In documented cases, this file drops or executes AsyncRAT , a powerful Trojan that allows attackers to: Remotely monitor the infected computer's screen. Exfiltrate sensitive data and files. Record keystrokes (keylogging). Use the infected machine as a bridge to
: Check the sender's email address for inconsistencies or "look-alike" domains. this file drops or executes AsyncRAT