MSIX With Heavily Obfuscated PowerShell Script, (Fri, Feb 9th)

SANS Internet Storm Center, InfoCON: green 2024-02-09

Summary:

A few months ago, we saw waves of MSIX malicious packages[1] dropping malware once installed on victim's computers. I started to hunt for such files and saw a big decrease in interesting hints. Today, my YARA rule triggered a new sample. Called "Rabby-Wallet.msix", the file has a VT score of 8/58[2]

Link:

https://isc.sans.edu/diary/rss/30636

From feeds:

Intel Hub » T01 - SANS Internet Storm Center, InfoCON: green

Tags:

Date tagged:

02/09/2024, 14:23

Date published:

02/09/2024, 09:11