Poolfun_2.7z

Distributed via social engineering, frequently through LinkedIn or WhatsApp messages offering fake job opportunities at high-profile firms [1, 3].

Execution Chain:

The .7z archive contains a decoy document (e.g., a PDF resume) and a malicious executable [2].

Once extracted and run, it uses a legitimate application to load a malicious DLL in order to bypass security software [4, 5].

The file often uses password protection (e.g., password "123") to prevent automated sandbox scanning and email gateway detection [1, 6].

Risk Assessment:

PoolFun_2.7z is widely identified as a malicious archive associated with targeted cyberattacks, specifically linked to the Lazarus Group (a North Korean state-sponsored threat actor) [1, 2].

If you have encountered this file, it should be treated as a . It is designed for espionage and data theft, specifically targeting aerospace, defense, and financial sectors [1, 2].