Create malicious .LNK file

APT29 spearphishing used .LNK files to trick a user into executing malware. This procedure executes SeaDuke, a UPX packed Python malware.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
APT29 Democratic National Committee


Emulating Cozy Bear's 2016 Democratic National Committee hack.