: If the file was executed, assume credentials may be compromised. Reset passwords for sensitive accounts, especially banking and email, from a different, clean device .
: Run a deep scan using a reputable antivirus or mobile security suite (e.g., Malwarebytes, Bitdefender).
: Deploys overlay screens over legitimate banking or social media apps to steal login details. Indicators of Compromise (IOCs) Filename : sc23901-SMS.rar
: Scrapes the victim's contact list to spread the link further via automated SMS.
