Infostealer Disguised as Adobe Reader Installer
A sophisticated malware campaign has been uncovered in which threat actors trick users into downloading malware disguised as an Adobe Reader installer. The malware prompts users to download a fake PDF file that claims Adobe Reader is required, leading to the download of an executable masquerading as the Reader installer. This executable employs techniques such as DLL hijacking and UAC bypass to evade detection, collect system information, and exfiltrate data to attacker-controlled servers.