Spätzle.7z Review
If this file was downloaded or received, do not extract it. Isolate the affected workstation from the network immediately.
Initiation of wscript.exe, powershell.exe, or regsvr32.exe immediately after extracting the archive.

Recommended Actions
Delete the email and the archive from all mail servers and local directories.
JavaScript or VBScript files designed to reach out to a Command & Control (C2) server.

Indicators of Compromise (IoCs)
While specific hashes vary by campaign, the following behaviors are consistent with this file:
Distributed via phishing emails disguised as invoices, shipping notifications, or internal HR documents (often referencing "Spätzle," a traditional German dish, to appear localized and innocuous).
