Stealthy Cyber Attacks: LNK Files & SSH Commands Playbook
Tags
Common Information
Type | Value |
---|---|
UUID | 4c3d0242-18e9-43c6-9204-aa05943578cd |
Fingerprint | a4210b9b811d6f4b |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 19, 2024, 4:27 a.m. |
Added to db | Dec. 21, 2024, 3:38 a.m. |
Last updated | Dec. 24, 2024, 2:02 a.m. |
Headline | LNK Files and SSH Commands: A Stealthy Playbook for Advanced Cyber Attacks |
Title | Stealthy Cyber Attacks: LNK Files & SSH Commands Playbook |
Detected Hints/Tags/Attributes | 35/1/12 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://cyble.com/blog/a-stealthy-playbook-for-advanced-cyber-attacks/ |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 98 | ✔ | Cyble | https://cyble.com/feed/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 14 | | www.google.ca |
Details | Domain | 8 | | goo.su |
Details | File | 3 | | christmas-sale.exe |
Details | File | 2 | | c:\users\public\ this command downloads a malicious file named christmas-sale.exe |
Details | File | 545 | | mshta.exe |
Details | File | 2336 | | cmd.exe |
Details | File | 40 | | ssh.exe |
Details | sha256 | 3 | | 8bd210b33340ee5cdd9031370eed472fcc7cae566752e39408f699644daf8494 |
Details | sha256 | 6 | | 5b6dc2ecb0f7f2e1ed759199822cb56f5b7bd993f3ef3dab0744c6746c952e36 |
Details | sha256 | 3 | | 0016e1ec6fc56e4214e7d54eb7ab3d84a4a83b4befd856e984d77d6db8fc221d |
Details | IPv4 | 2 | | 17.43.12.31 |
Details | Url | 5 | | https://www.google.ca/amp/s/goo.su/iwpqjp |