Stealthy Cyber Attacks: LNK Files & SSH Commands Playbook
Common Information
Type Value
UUID 4c3d0242-18e9-43c6-9204-aa05943578cd
Fingerprint a4210b9b811d6f4b
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, 4:27 a.m.
Added to db Dec. 21, 2024, 3:38 a.m.
Last updated Dec. 24, 2024, 2:02 a.m.
Headline LNK Files and SSH Commands: A Stealthy Playbook for Advanced Cyber Attacks
Title Stealthy Cyber Attacks: LNK Files & SSH Commands Playbook
Detected Hints/Tags/Attributes 35/1/12
RSS Feed
Id Enabled Feed title Url Added to db
98 Cyble https://cyble.com/feed/ 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 14
www.google.ca
Domain 8
goo.su
File 3
christmas-sale.exe
File 2
c:\users\public\ this command downloads a malicious file named christmas-sale.exe
File 545
mshta.exe
File 2336
cmd.exe
File 40
ssh.exe
sha256 3
8bd210b33340ee5cdd9031370eed472fcc7cae566752e39408f699644daf8494
sha256 6
5b6dc2ecb0f7f2e1ed759199822cb56f5b7bd993f3ef3dab0744c6746c952e36
sha256 3
0016e1ec6fc56e4214e7d54eb7ab3d84a4a83b4befd856e984d77d6db8fc221d
IPv4 2
17.43.12.31
Url 5
https://www.google.ca/amp/s/goo.su/iwpqjp