Recently, I have accidentally found myself on a phishing website that looked extremely similar to another website. From there I downloaded a .rar file and proceeded to extract it. However, the .rar file was encrypted with a password, so after trying to extract it for a while, I gave up and removed the file.
Looking at that site again, I noticed that the domain is one letter off of the actual website I was trying to reach. So I am a little bit worried that the .rar file I downloaded earlier somehow exploited the .rar extraction software to execute some kind of malware.
I googled around and found that some extraction software may automatically run some sort of installation file after extraction, but in my case, the file was encrypted with a password, so I've only tried to extract it.
Is it possible to accidentally run a malware this way?
