Mocky LNK (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.mocky_lnk (Back to overview)

Mocky LNK

Actor(s): APT28

LNK files used to lure and orchestrate execution of various scripts, interacting with the Mocky API service.

References

2024-01-31 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Mocky LNK Unidentified 114 (APT28 InfoStealer)

2023-10-26 ⋅ ⋅ ANSSI ⋅ ANSSI
Attack Campaigns of APT28 since 2021
CredoMap DriveOcean Empire Downloader Graphite MimiKatz Mocky LNK reGeorg

2023-09-06 ⋅ Zscaler ⋅ Avinash Kumar, Niraj Shivtarkar
Steal-It Campaign
Mocky LNK

2023-04-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562)
Mocky LNK

There is no Yara-Signature yet.

Mocky LNK Propose Change

References

Mocky LNK