Blog | G5 Cyber Security

Malicious PNGs: What You See Is Not All You Get!

One of the latest Graftor variants delivers a malware DLL inside a PNG file. Hiding executables and DLLs in PNG files is yet another attempt to avoid detection and deliver malicious content to user systems. The download occurs in the background without user interaction, and placing the malicious content at the end of a valid PNG file is an attempt to bypass security detection on the system and the network. The toopu.png file (b4cb0490afa7da7da6647dc7f255a6c742b649fe4ff853b83f7dd2f948b8686be) has a DLL appended to the end.

Source: https://blog.talosintelligence.com/2015/02/malicious-pngs-what-you-see-is-not-all.html
