Bicho_curioso.rar
Sends stolen data back to the attacker’s server via encrypted HTTP or FTP channels.

5. Indicators of Compromise (IoCs)

Filenames: Bicho_curioso.rar, Bicho_curioso.exe, Bicho.exe.
Delete the .rar file and any extracted contents. Do not move them to the Recycle Bin; use Shift + Delete.
Upon execution, a downloader or dropper is initiated.
Run a full system scan using reputable anti-malware software updated with the latest definitions.
Unexpected entries in Run or RunOnce folders.