{ "type": "bundle", "id": "bundle--0fc8bb72-766f-4b2c-a090-7a35da9529e3", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--58adf7e3-5f6b-4a47-b31f-faa83e05d2a8", "created": "2026-04-20T00:58:25.121722Z", "modified": "2026-04-20T00:58:25.121761Z", "name": "Excalibra", "identity_class": "organization" }, { "type": "url", "spec_version": "2.1", "id": "url--bcc986df-5e21-472a-9935-a0fe0c92c016", "value": "https://qugesr.online/m/bDw" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--7097bf35-859f-46cb-bda4-ba12de81f462", "value": "qugesr.online" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--d5c9ea3e-ac6a-48eb-93bf-98a4beb592c7", "value": "45.95.186.232" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1", "created": "2026-06-24T17:17:14.07226Z", "modified": "2026-06-24T17:17:14.07226Z", "name": "Kimsuky" }, { "type": "report", "spec_version": "2.1", "id": "report--01f05caf-47d4-4cdd-99cd-37c9780f9564", "created_by_ref": "identity--58adf7e3-5f6b-4a47-b31f-faa83e05d2a8", "created": "2026-06-24T17:17:14.076548Z", "modified": "2026-06-24T17:17:14.076548Z", "name": "Kimsuky Deploys Malicious LNK Files to Implant Python-Based Backdoor in Multi-Stage Attack", "published": "2026-04-14T00:00:00Z", "object_refs": [ "identity--58adf7e3-5f6b-4a47-b31f-faa83e05d2a8", "url--bcc986df-5e21-472a-9935-a0fe0c92c016", "domain-name--7097bf35-859f-46cb-bda4-ba12de81f462", "ipv4-addr--d5c9ea3e-ac6a-48eb-93bf-98a4beb592c7", "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1" ], "external_references": [ { "source_name": "source", "url": "https://medium.com/meetcyber/kimsuky-deploys-malicious-lnk-files-to-implant-python-based-backdoor-in-multi-stage-attack-2caa185b5361" } ] } ] }