SUSP_LNK_AWS_Jun25

Rule Info

Name
SUSP_LNK_AWS_Jun25
Author
X__Junior
Description
Detects LNK that downloads a file from an AWS S3 bucket
Score
80
Date
2025-06-04
Modified
2026-03-19
Minimum Yara
3.5.0
Rule Hash
d6dffb53a54c651f56ad105a0c8a3925
Tags
['SUSP', 'FILE', 'T1210', 'T1547_009']
Required Modules
[]

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
17
Suspicious (< 10 engines)
11
Clean (0 engines)
0

Rule Matches

Timestamp
Positives
Total
Hash
VT
2026-06-13 20:19:24
26
63
69e1bbf2a0dce4dedd7cad1c281f7ae3d22cac7271363379cd8bbbea80fb188f
2026-06-13 20:18:24
13
63
a7ac7ff90c20bfe6d4d8bb69dc4e911fd049b40ad1401639bd28bc61c6a8da25
2026-06-13 19:51:45
13
63
b44c49b138b4c1631a1148e6020fa4a4e011fe47babfdebdac1beff24042d472
2026-06-12 21:13:30
29
62
01fb2ed8480209ceb1ab86d662388f6e7d4bd0821f6e013c650b0d7073025774
2026-06-12 17:17:50
29
62
219d071b711bc26afbb07c18ac4af448e10ef388d80b60791c69a1c1456bdae4
2026-06-11 02:44:38
11
63
757ce1c82fef69ff7d05b6313f97cdf483ac85d5aa2fbae5defd6d3dbd416bd8
2026-06-09 12:14:44
20
62
a993ca659c0b81682e0a86838b1339d5119f6f3dc592d7f309b899dd0c8c32bb
2026-06-09 12:13:24
9
62
472f4a19a3014b44c6528e7b03cbadcd6fa4189624cb51f091a0cce2789de075
2026-06-08 21:05:56
9
62
aaf7a815943120e3313b91de231e44199aa0b540b2ac6b84bbc6c5edf0306791
2026-06-08 17:39:04
9
63
aef4d282a1ae360cebc370e8751bc6854820906ab5026091a064952fcd81f817
2026-06-08 17:31:24
9
62
7b4589f22e21a9a0ac9e16305b6a013a6879d082970b7874769c9390405e389d
2026-06-08 17:31:24
9
63
c30e4fed130c875a0bdcb02010940938fb4903cd3e567e033dd2ef385894613a
2026-06-08 17:22:05
9
63
b986c2a4b56e5b1f49894923768a44a37bf80d0692e06d98ada5f7b954f68219
2026-06-08 17:18:35
9
61
5a6013aa7f526f91471aa1bc75f3fa6b067d62599fcf4d6ee0a4a4c2ec3a0aad
2026-06-08 17:18:24
9
62
b71f3f7c170ddfbb52326a57b6869435c9ae74c2783327b9de633c6f75d55d31
2026-06-08 17:11:44
9
62
2aa127bc896330918ba5807b053d7f46530b1857e36d496f4b98d30cdf56ecc4
2026-06-08 17:10:44
9
63
da1c3fbdf58bf4c4fa905a608f14235b6d300cbc21196765d4e8fef61b38ebff
2026-06-07 18:09:04
17
62
621cf582adf26b734a9bfc29506024c9cca1102a8d4c79e7e49294bcde07240e
2026-06-06 21:53:44
15
61
dcb3777c510ff88a007aa71eb3058c2e610dbbf536a260567f93217251a8810f
2026-06-06 21:53:34
15
61
2a1a5409c9f0f3d466dd47590eff2986fcb5990d1943204a5b04f14ec150f95f
2026-06-04 16:07:34
10
61
5423593bc7b48829cc154f2f7ee9d95e8b4b072dbdaa38670f6629084fd00c3f
2026-06-04 15:43:15
9
63
6b9ca9db3b8ebae94cd0dbcf13c7d03503615e89594b806a3f89e04290ee0629
2026-06-04 14:19:15
13
63
8e522d567673cb986a51f0310ea6f4680d326c1f2741b8648b4408d4cc4812e2
2026-06-04 14:13:18
16
63
daf2524dc01d3026b152ee248e1dae91b6e04d631659decb942e0575688299e2
2026-06-03 17:54:46
31
62
7c0b380f8fe90222ce095e4040b6819d031d9fbfe1396f8065b3c354710210db
2026-06-03 17:53:07
25
61
b1f79bfd5097b13be56f052a3453f878b3a159d3e5baae48328d996766b9d46f
2025-09-23 01:04:23
24
64
2a643cb3232793e345ffddbd2918bb7899093bbe36f802e99d6e4e9424a2dd59
2025-06-11 13:31:34
34
63
c7b3edb4ac469044fac6e277e8d44c17ddefb6c0574bea48172cfca93ed6b726

Rule Matches per Month (last 24 months)