Rule Info
Name
APT_NK_APT37_LNK_Jul22_1
Author
Florian Roth
Description
Detects malicious link files as used by APT34
Score
95
Date
2022-07-27
Minimum Yara
3.5.0
Rule Hash
8e78616fe2a3c4f59b46f2665e7bfc9a
Tags
['G0049', 'NK', 'FILE', 'T1547_009', 'G0067', 'MIDDLE_EAST', 'G0057', 'APT', 'T1210']
Required Modules
[]
Virustotal Matches
Antivirus Verdicts
Rating
Number of Samples
Malicious (>= 10 engines)
1
Suspicious (< 10 engines)
0
Clean (0 engines)
0
Rule Matches
Rule Matches per Month (last 24 months)
Scan your endpoints, forensic images or collected files with our portable scanner THOR