Medusa-skeet.zip

Malicious ZIP files are often uploaded via webshells or sent through spear-phishing campaigns to install persistence tools like ConnectWise. 🛠️ Common File Characteristics

Opening or decompressing the ZIP can trigger scripts that establish a permanent foothold for attackers. Medusa-SKEET.zip

Disconnect the machine from the network to prevent the ransomware from spreading laterally. Malicious ZIP files are often uploaded via webshells

Tools like Advanced IP Scanner or SoftPerfect Network Scanner are often bundled in these archives. Medusa-SKEET.zip

The name "Medusa" refers to a high-impact variant active since 2021.