Hello,
I have a warning from a higher organization about the distribution of letters with a threat in the attachment.
There is a distribution of malicious e-mails with a disguised link to download the JAR file from the cloud service DROPBOX.
The malware is the Adwind RAT.
Download: hxxps: // www [.] dropbox.com/s/z6offdjjzr5mn4y/FULL%20ORIGINAL%20DOCUMENTS%202FC1.jar?dl=1
File: FULL ORIGINAL DOCUMENTS 2FC1.jar
Themes of the letters: Re: import wholsale
Details of the attachment on https://www.hybrid-analysis.com/sample/ae745fea5d6f51bd4ab5a913fe4fa08933bd78e9d04b5f2ce1e65cfe1b7f9c5c/5ac71a7f7ca3e1020e7b58b8
FULL ORIGINAL DOCUMENTS 2FC1.jar
Labeled as: Trojan.Java
Report generated by Falcon Sandbox v8.00 © Hybrid Analysis
I sent the file with the threat to Symantec (Tracking #42360883), but I was told that this is an artifact: "FULL ORIGINAL DOCUMENTS 2FC1.jar is not malicious itself, but may be an artifact of a threat."
How can I be sure that Symantec detects the threat when employees receive such a letter?