Rule Info
Name
SUSP_LNK_AWS_Jun25
Author
X__Junior
Description
Detects LNK that downloads a file from an AWS S3 bucket
Score
80
Date
2025-06-04
Modified
2026-03-19
Minimum Yara
3.5.0
Rule Hash
d6dffb53a54c651f56ad105a0c8a3925
Tags
['SUSP', 'FILE', 'T1210', 'T1547_009']
Required Modules
[]
Virustotal Matches
Antivirus Verdicts
Rating
Number of Samples
Malicious (>= 10 engines)
17
Suspicious (< 10 engines)
11
Clean (0 engines)
0
Rule Matches
Timestamp
Positives
Total
Hash
VT
