Lucy Awareness
Visit our WebsiteContact Support
  • Wiki Overview
  • Guides
    • Quick Guides
      • Create Your First Campaign
        • Adding a New Client
        • Register an Attack Domain
        • Campaign Setup
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Whitelisting
    • Installing Lucy
      • On-Premise vs Cloud Installation
      • Architecture
      • Hardware Requirements
      • Network Communication
      • Installing Lucy
      • Post Installation
    • Manage Blacklisted Domains
      • Managing Google SafeBrowsing Alerts
    • Whitelisting a Lucy Server
      • Google Workspace Whitelisting
      • Microsoft O365 Whitelisting
      • File Attack Whitelisting
    • Attack Simulations
      • Attack Types
        • Data Entry Attack
        • Hyperlink Attack
        • File Attack
        • Portable Media
        • Smishing
        • Lures
        • QR Codes
        • Ransomware Emulation
        • Technical Malware Test
          • Malware Toolkit Test Suite
        • Mail & Web Filter Test
        • Email Spoofing Test
      • Attack Template Customization
      • Firewall Protection Interval
      • Email Tracking Technologies
      • Advanced Information Gathering
      • Regular Expressions in Login Fields
      • Copy a Website
      • Redirecting Users
    • Awareness Training
      • Awareness Template Customization
      • Awareness Only Campaigns
        • Using Multiple Awareness Trainings
      • Use extended method of tracking the end of the quiz
    • Reporting Plugin
      • Deploying Office 365
      • Deploying Outlook Native
      • Deploying Gmail
  • Application Screens Reference
    • Statistics Dashboard
    • Campaigns Dashboards
    • Campaigns
      • New Campaign
        • Wizard Mode
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Expert Mode
      • Campaign Settings
        • Configuration
          • Base Settings
          • Awareness Settings
          • Attack Settings
          • Schedule
            • Schedule Plan
          • Recipients
        • Advanced Settings
          • User Settings
          • Filters
          • Custom Fields
          • Reminders
        • Campaign Checks
        • Logs
        • Results
          • Summary
          • Statistics
          • Reports
          • Exports
    • Templates
      • Attack Templates
      • Awareness Templates
      • File Templates
      • Report Templates
      • Campaign Templates
      • Training Diploma
      • Download templates
      • Variables in Lucy
    • Users
      • Recipient Groups
      • End Users
      • End User Portal Settings
      • Administrative Users
      • Reputation Levels
    • Settings
      • Common System Settings
        • Domains
          • Supported TLDs
        • Firewall
        • Web Proxy
        • Mail Settings
        • SMTP Servers
        • SSL Settings
          • SSL for Campaigns
        • SMS Settings
        • Filter Settings
        • API Whitelist
        • LDAP Servers
          • LDAP Sync Tool
        • LDAP Settings
        • Azure Applications
        • Azure AD Settings
        • SSO Configuration
      • Advanced System Settings
        • Advanced Settings
        • SSH Password
      • Submitted Email Settings
        • Custom Rules & Score Factors
        • Abuse Reports
        • Incident Autoresponder
        • Plugin Settings
      • Clients
        • Client Invoices
        • Client Invoice Settings
      • Backup and Restore
        • Backup Settings
      • Benchmark Sectors
      • Whitelabeling
      • File Browser
    • Incidents
    • Support
      • Status
        • Status
        • System Monitoring
        • System Health Check
        • Notifications
      • System Tests
        • Test Email
        • Performance Test
        • Spam Test
        • Mail Spoofing Test
        • Mail and Web Filter Test
      • System Logs
      • Manual
      • Update
      • Reboot
      • Mail Manager
      • Terms & Conditions
    • Account Settings
      • Two Factor Authentication
      • License
      • Invoices
    • Notifications
  • Release Notes
    • 5.4
    • 5.3.5
    • 5.3.4
    • 5.3.3
    • 5.3.2
    • 5.3.1
    • 5.3
    • 5.2.1
    • 5.2
    • 5.1
    • 5.0
    • Version 4
      • 4.14
      • 4.13
      • 4.12.1
      • 4.11
      • 4.10.1
      • 4.9.5
      • 4.9.2
      • 4.9.1
  • Legal
    • EULA
    • Privacy Policy
    • DPA, Customer and Partner Info
    • Service Level Agreement
    • Confidentiality of Campaign Data
  • When to Contact Us
    • Contact Technical Support
Powered by GitBook
On this page
  • Introduction
  • Configuration
  • New File-based Template
  • FILE-BASED ATTACK SIMULATION TEMPLATES

Was this helpful?

  1. Application Screens Reference
  2. Templates

File Templates

PreviousAwareness TemplatesNextReport Templates

Last updated 11 months ago

Was this helpful?

Introduction

This section focuses on how you can utilize our diverse range of customizable File-based templates to conduct simulated phishing campaigns. By incorporating these templates into your training modules, users are exposed to realistic scenarios involving phishing emails with malicious attachments or downloadable links.

The goal is to educate and test users on how to identify and react appropriately to potential security threats. Each template here is tailored to mimic various types of File-based attacks, providing a practical and effective approach to enhancing your organization’s security posture.


Configuration

Navigate to Templates -> File Templates

This button allows you to remove the selected file from your server.

This option enables you to create a duplicate of the selected file.

Creating duplicates is a good practice to always have the original as a reference. If you lose the original, you can use the "Download" option to search for and re-download the template.

The backup option is used to save a copy of the selected file. This is useful for safeguarding data against potential loss or corruption. Additionally, it allows you to move a customized file-based template to another LUCY instance. You can then use the "Restore" option to import the template.

This feature is used to bring a file back to a previous state from a backup. It's particularly useful if you need to revert changes or recover from a template from another Lucy instance.

Typically represented by a "+" icon, this button is used to create a new File-based attack template within the application.


New File-based Template

Select "New" to create a newly created File-based template.

When creating a new file-based attack template in LUCY, several fields and options need to be configured. Here’s a detailed explanation of each option, along with the dropdown selections provided:

General options for a new File-based temaplate

Name:

  • Enter a unique name for the new template. This is a required field.

Client:

Description:

  • Optional to provide a detailed description of the template. This helps in understanding the template's purpose and contents.

Scenario Type:

  • Web Based: Templates designed for web-based phishing scenarios.

  • Hyperlink: Templates that involve malicious hyperlinks.

  • File-Based: Templates focusing on file-based attacks (e.g., malicious attachments).

  • Mixed: Templates combining multiple types of attacks.

  • Technical Malware Test: Templates designed for testing malware resilience.

  • Portable Media Attack: Templates involving attacks via portable media (e.g., USB drives).

  • Awareness Only: Templates aimed at raising awareness without actual malicious payloads.

  • Mail & Web Test: Combined email and web-based attack simulations.

Convert HTML to PDF

  • Description: If checked, this option converts the provided HTML content into a PDF file, allowing you to create more polished and standardized attachments for your campaign.

Add Attachment:

  • Attach a file or payload that will be included in the template. Click "Choose File" to upload the file.

Configurations:

  • Additional configurations for the template can be added here.

Variables:

  • Define variables that will be used in the template. You can add multiple variables with the following fields:

    • Name: The variable name.

    • Internal Name: The name used internally in the template.

    • Type: The type of input for the variable (Text, Checkbox, Selectbox).

    • Value: The default value for the variable.

Practical Example:

When creating a file-based attack template in LUCY, such as the "Ransomware (Screen Locker)" template, you simulate a ransomware attack by locking the user's PC. You can define this template's variables in the settings as follows:

The above example prompts the user to enter a password, as defined in the first variable line. This line allows you to set the actual password needed to unlock the screen, which in this case is "123".

Additionally, in the second variable, you can define the message the user will see when they execute the file. In this case, the message is "YOUR PC IS LOCKED WITH RAN$OMWARE - CALL IT SUPPORT FOR HELP."


FILE-BASED ATTACK SIMULATION TEMPLATES

LUCY allows for the customization of various malware simulations:

Setting Name
Description
Success Action
Preferable Delivery Method

Console Interactive

Establishes a reverse HTTP/HTTPS channel to LUCY upon file execution, visible under “Sessions”. This tool operates solely in memory and supports commands via the Windows shell.

File download

Landing page

Console Outlook

Executes commands and sends results back via Outlook using MAPI, including retrieving the subject line from the last received email.

File download

Landing page

Console post

Executes limited command set within the Windows shell and sends output to LUCY. Direct command line access is available for built-in commands.

File download

Landing page

Console (POST-only)

Pings back to Lucy upon file opening without data collection.

File download/File open

Landing page

Excel Macros (Various)

Various macros templates that ping back to Lucy without data transfer. Note: For campaign settings, select "Click" as the Success Action for accurate metrics.

Click/File download/File open

Email/Landing page

Keylogger

Records keystrokes.

File download/Data submit

Email/Landing page

Macros (Various)

Various macros templates either ping back to Lucy or run specific commands. Supports scenarios with or without data collection.

File download/File open

Email/Landing page

Malware Testing Toolkit

Checks if the system is susceptible to various malware techniques.

File download/File open

Email/Portable device (USB)

Microphone

Captures audio via the microphone.

File download/Data submit

Portable device (USB)

Ransomware (Screen Locker)

Locks the PC screen, requiring a backend-set password for unlocking to simulate a real ransomware attack scenario.

File download/Data submit

Email/Portable device (USB)

Recent Documents

Retrieves a set number of documents from the recent document cache.

File download/Data submit

Email/Portable device (USB)

Screen Recorder

Captures screenshots and webcam footage as proof of concept.

File download/Data submit

Email/Portable device (USB)

SVG (Redirect)

Redirects to a phishing website when the SVG file is opened, without data transfer.

File download/Click/Data submit

Email/Portable device (USB)

There is a high likelihood of email-delivered files being blocked by mail server security policies. Admins should adjust filters to ensure delivery.

This option is used to access the , where you can re-download file-based templates from the central template repository.

Select the for whom this template is being created from the dropdown list.

See our Ransomware File-based attack in action .

Downloads page
client
\
here