indicatorfilename
\\attacker.com\share\payload.cpl
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 1
Posts referencing this indicator
- A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202
Conceptual UNC path used in the LNK file to point to the attacker's remote payload, triggering outbound SMB connections.