C75.bin High Quality -

Several Reddit threads and Malwarebytes forums documented a trojan that dropped c75.bin into %APPDATA%\Microsoft\Windows\ . It was a downloader for or QakBot families. The trojan used c75.bin as a decoy to distract analysts while deploying ransomware prep modules.