Often contains a single executable (.exe), a shortcut (.lnk), or a script (.vbs, .ps1) designed to look like a document (e.g., Astronaut_Mission_Briefing.pdf.exe).
Initial inspection of a .rar file of this nature usually reveals the following:
Below is a write-up of how such a file would typically be analyzed if it were encountered as a suspicious payload.

1. Delivery and Social Engineering
Participate in workshops like the Cyber Security Workshop to recognize the signs of social engineering.
Writing entries to the Windows Registry (e.g., HKCU\Software\Microsoft\Windows\CurrentVersion\Run) to ensure it launches upon every reboot.