# [SANS ISC] CinaRAT Delivered Through HTML ID Attributes

**[blog.rootshell.be/2022/02/11/sans-isc-cinarat-delivered-through-html-id-attributes/](https://blog.rootshell.be/2022/02/11/sans-isc-cinarat-delivered-through-html-id-attributes/)**

February 11, 2022

I published the following diary on isc.sans.edu: “CinaRAT Delivered Through HTML ID
_Attributes“:_

A few days ago, I wrote a diary about a malicious ISO file being dropped via a simple HTML
file. I found another sample that again drops a malicious ISO file but this time, it is much
more obfuscated and the VT score is… 0! Yes, not detected by any antivirus solution…

[[Read more]](https://isc.sans.edu/forums/diary/CinaRAT+Delivered+Through+HTML+ID+Attributes/28330/)


-----