The system became vulnerable due to the fact that Microsoft stopped updating Windows 7. One of the viruses that attack an old operating system because of its popularity is simply Qbot.
The Trojan is “delivered” via email in emails with an attached HTML file that downloads a ZIP archive with a password. After unzipping the file, the user finds an ISO image with the calc.exe file, which replaces the actual Calendar program built into Windows 7, as well as two libraries with DLLs (WindowsCodecs.dll and 7533.dll).
In addition to these files, there is an “lnk.” inside the image, which looks like a PDF file with important information or a file opened in the Microsoft Edge browser. extension shortcut. However, when this file is opened, the computer is infected with a virus.
This happens by installing calc.exe with the WindowsCodecs.dll library – it has the same name as the original library, as a result the fake library replaces the system library.
As stated, there is no such vulnerability in next-gen Windows.
Source: Ferra
