MB-d5e2866de8ebd72ae91800af1b4abed22c825b8bb23e450c027e91734428a857 high

Description

File type: lnk. Size: 97649 bytes. Tags: Kimsuky, lnk, orange-bizarre-lynx-526-mypinata-cloud, uni-site-je--mort-php. Reporter: JAMESWT_WT. First seen: 2026-06-16 10:47:05.

• MalwareBazaar | SHA256 ...
  web:bazaar.abuse.ch

  You are currently viewing the MalwareBazaar entry for SHA256 d5e2866de8ebd72ae91800af1b4abed22c825b8bb23e450c027e91734428a857 . While MalwareBazaar tries to identify ...

  2026-06-19 00:39 UTC
• AD CS Domain Escalation - HackTricks
  web:hacktricks.wiki

  AD CS Domain Escalation Tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Browse the full HackTricks Training catalog for the assessment tracks (ARTA/GRTA/AzRTA) and Linux Hacking Expert (LHE). Support ...

  2026-06-19 00:39 UTC
• Kerberos Generates KDC_ERR_S_PRINCIPAL_UNKNOWN or KDC_ERR_PRINCIPAL_NOT ...
  web:learn.microsoft.com

  The KDC_ERR_S_PRINCIPAL_UNKNOWN and KDC_ERR_PRINCIPAL_NOT_UNIQUE errors indicate that the client is requesting access to a service that Kerberos can't identify.

  2026-06-19 00:39 UTC
• Monitoring Secure Boot certificate status with Microsoft Intune ...
  web:support.microsoft.com

  The detection script collects Secure Boot and certificate status from each device and reports it back to the Intune portal — no remediation action is taken on devices. This gives administrators a centralized, exportable view of certificate update progress across their Intune enrolled Windows devices. Why use this approach?

  2026-06-19 00:39 UTC
• Intune error codes // Tom Plant
  web:tplant.com.au

  Microsoft Intune can manage a wide range of features across multiple operating systems - and when things go wrong, it can produce some pretty obscure error codes. I ...

  2026-06-19 00:39 UTC
• Joomla JCE CVE-2026-48907 Exploited — Patch Now
  web:vulert.com

  CISA warns Joomla JCE CVE-2026-48907 is actively exploited. Learn impact, affected versions, patch steps, and mitigation guidance.

  2026-06-19 00:39 UTC
• CVE-2026-4827 Schneider Power Session Entropy Flaw: OT Risk & Fix Plan
  web:windowsforum.com

  On June 18, 2026, CISA published ICS advisory ICSA-26-169-07 for Schneider Electric Easergy, EcoStruxure, PowerLogic, Saitel, and related power-automation products affected by CVE-2026-4827, an insufficient-entropy flaw that can enable unauthorized access through weakened session management. The...

  2026-06-19 00:39 UTC
• YellowKey: Alleged BitLocker Bypass via WinRE USB on Windows 11 ...
  web:windowsforum.com

  On May 12, 2026, a researcher using the name Nightmare-Eclipse published "YellowKey," a proof-of-concept BitLocker bypass affecting Windows 11 and Windows Server 2022/2025 that can reportedly be triggered from Windows Recovery Environment with a prepared USB stick and a held CTRL key. The claim...

  2026-06-19 00:39 UTC
• File Identifier - Identify unknown files instantly - Toolsley
  web:www.toolsley.com

  Free browser tool to identify unknown files based on their contents. Recognizes over 2000 file formats using libmagic. No installation necessary. Just drag & drop!

  2026-06-19 00:39 UTC
• How to Allow App From Unknown Publisher to Run in Windows 10/11
  web:www.windowsdigitals.com

  Can't install or run an app from unknown publisher? Here's how to allow unknown publisher in Windows 11/10, and how to disable the warning.

  2026-06-19 00:39 UTC

Indicators of Compromise (3)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal. Click one to expand.

References (1)

• MalwareBazaar sample page Abuse.ch

  File type: lnk. Size: 97649 bytes. Tags: Kimsuky, lnk, orange-bizarre-lynx-526-mypinata-cloud, uni-site-je--mort-php. Reporter: JAMESWT_WT. First seen: 2026-06-16 10:47:05.

Only Available for Registered Users. Sign in to view.