Often a signed application, such as a component of Adobe or a security tool, which is used to gain trust from the operating system.
A custom-crafted library named to match a dependency expected by the legitimate executable. ThanksGivingRecipe.7z
Uploading, downloading, and executing files. Often a signed application, such as a component
When the user runs the legitimate executable, it automatically searches for and loads the malicious DLL found in the same folder—a technique known as . 3. The PlugX Malware Payload Often a signed application