Security researchers at firms like Trellix or Trend Micro frequently analyze these campaigns, noting that they often use "v2.0" or similar versioning to signal updates to their obfuscation or evasion techniques. If you have a specific sample or a source for this file, on a live system; instead, use a sandbox environment for further inspection.
These types of ZIP files typically contain malicious executables or scripts designed to: File: STHELL.v2.0.zip ...
: Bypassing multi-factor authentication (MFA) by hijacking active login sessions. Security researchers at firms like Trellix or Trend
Bored BeaverTail & InvisibleFerret Yacht Club – A Lazarus Lure Pt.2 on a live system
: Gathering details about the victim's hardware and network configuration.