Spring Exacerbation: UAC-0006 increased cyberattacks

May 22, 2024, 8:24 a.m.

Description

This report aims to provide insights into the ongoing cyber operations targeting Ukraine. It analyzes the tactics, techniques, and procedures employed by threat actors in their malicious campaigns. The document offers a comprehensive overview of the cybersecurity landscape in Ukraine, highlighting the challenges faced and the measures taken to counter these threats.

Date

  • Created: May 22, 2024, 7:56 a.m.
  • Published: May 22, 2024, 7:56 a.m.
  • Modified: May 22, 2024, 8:24 a.m.

Indicators

Attack Patterns

  • Trojan:Win32/SmokeLoader
  • taleshot
  • uac-0006
  • T1109
  • T1087.001
  • T1003.001
  • T1490
  • T1070.004
  • T1489
  • T1486
  • T1498
  • T1485
  • T1112