GetSmoked: UAC-0006 Returns With SmokeLoader Targeting Ukraine's Largest State-Owned Bank
Feb. 10, 2025, 8:57 p.m.
Description
UAC-0006, a financially motivated cyber threat group, has resurfaced with a sophisticated phishing campaign targeting customers of Ukraine’s largest state-owned bank, PrivatBank.
Date
- Created: Feb. 10, 2025, 8:44 p.m.
- Published: Feb. 10, 2025, 8:44 p.m.
- Modified: Feb. 10, 2025, 8:57 p.m.
Indicators
Additional Information
- Critical Systems
- Financial
- Ukraine