<\/a><\/figure>\n\n\n\n<\/p>\n\n\n\n
The three contained three files, a copy of the legitimate Windows calculator executable calc.exe that masquerades as an image file (“IMG-387470302099.jpg.exe”), a DLL (“WindowsCodecs.dll”), and a batch file (“zqtxmo.bat”).<\/p>\n\n\n\n