LNK Files and SSH Commands: A Stealthy Playbook for Advanced Cyber Attacks
Common Information
Type Value
UUID 576783ce-1495-451e-ba5a-f86cf6687c9c
Fingerprint a421099b811d6f4b
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published Dec. 19, 2024, 9:35 a.m.
Added to db Dec. 21, 2024, 3:38 a.m.
Last updated Dec. 24, 2024, 2:02 a.m.
Headline LNK Files and SSH Commands: A Stealthy Playbook for Advanced Cyber Attacks
Title LNK Files and SSH Commands: A Stealthy Playbook for Advanced Cyber Attacks
Detected Hints/Tags/Attributes 38/1/14
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 14
www.google.ca
Details Domain 8
goo.su
Details Domain 63
cyble.com
Details File 3
christmas-sale.exe
Details File 2
c:\users\public\ this command downloads a malicious file named christmas-sale.exe
Details File 545
mshta.exe
Details File 12
'mshta.exe
Details File 2336
cmd.exe
Details File 40
ssh.exe
Details sha256 3
8bd210b33340ee5cdd9031370eed472fcc7cae566752e39408f699644daf8494
Details sha256 6
5b6dc2ecb0f7f2e1ed759199822cb56f5b7bd993f3ef3dab0744c6746c952e36
Details sha256 3
0016e1ec6fc56e4214e7d54eb7ab3d84a4a83b4befd856e984d77d6db8fc221d
Details Url 5
https://www.google.ca/amp/s/goo.su/iwpqjp
Details Url 1
https://cyble.com/blog/a-stealthy-playbook-for-advanced-cyber-attacks