A spate of malicious emails with attachments delivering the NanoCore remote access trojan evading anti-malware and email scanners by abusing the.ZIPX file format. In reality, the appended file is an Icon image file wrapped inside a.RAR package. NanoCore is a modular trojan that can be modified to include additional. plugins, expanding its functionality and performance based on the user s. needs to be extracted by an unzip tool that can extract the. executable file.
Source: https://threatpost.com/nanocore-rat-email-defenses-zipx/164701/