Rus-129.7z Apr 2026

Inside the archive, there is often a double-extension file (e.g., RUS-129_Report.pdf.exe) or a malicious LNK (shortcut) file.

Payload Delivery

Typically delivered via spear-phishing emails with subjects referencing official Russian military or government documentation to lure targets into opening the attachment.

Malware Analysis & Behavior

The contents of RUS-129.7z generally follow a specific infection chain designed to bypass traditional security filters:

Based on current threat intelligence and technical indicators, RUS-129.7z is a malicious compressed archive identified as part of targeted phishing or cyber-espionage campaigns, often associated with geopolitical themes involving Russia and Eastern Europe.

Technical Summary

File Name: RUS-129.7z
Extension: .7z (7-Zip compressed archive)
Primary Threat Category: Trojan / Stealer / Downloader

Once the user clicks the file, it executes a malicious script (PowerShell or VBScript) or a compiled binary.

Add the specific filename RUS-129.7z to your email security blocklist.

The user is prompted to extract the .7z file, which may be password-protected to prevent automated sandbox analysis by email gateways.