SYMBOLCOMMON_NAMEaka. SYNONYMS
win.mocky_lnk (Back to overview)

Mocky LNK

Actor(s): APT28


LNK files used to lure and orchestrate execution of various scripts, interacting with the Mocky API service.

References
2024-01-31Trend MicroFeike Hacquebord, Fernando Mercês
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Mocky LNK Unidentified 114 (APT28 InfoStealer)
2023-10-26ANSSIANSSI
Attack Campaigns of APT28 since 2021
CredoMap DriveOcean Empire Downloader Graphite MimiKatz Mocky LNK reGeorg
2023-09-06ZscalerAvinash Kumar, Niraj Shivtarkar
Steal-It Campaign
Mocky LNK
2023-04-28Cert-UACert-UA
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562)
Mocky LNK

There is no Yara-Signature yet.