Spring Exacerbation: UAC-0006 increased cyberattacks
May 22, 2024, 8:24 a.m.
Description
This report aims to provide insights into the ongoing cyber operations targeting Ukraine. It analyzes the tactics, techniques, and procedures employed by threat actors in their malicious campaigns. The document offers a comprehensive overview of the cybersecurity landscape in Ukraine, highlighting the challenges faced and the measures taken to counter these threats.
Tags
Date
- Created: May 22, 2024, 7:56 a.m.
- Published: May 22, 2024, 7:56 a.m.
- Modified: May 22, 2024, 8:24 a.m.
Indicators
- a546e49506f7144ff08c824c0503f8625d17f760d8ac20074aac870b0a3941d7
- 9c9df8669f1b07ec66e7b82ac97e188412f82ce549fb3552cca84413005fec9f
- 96e1fc4906cb79eab198dc76dbed47afc5855d26be0ca37910f8359b2683aef0
- 84a02a761c545b0cc9753a74f9820dd39adfe54c635fc00fe21c2989d03874f7
- 82c78f76eabaab176b69b671865d3605d6af7e66a06bbc57d58d1494d44475b4
- 5713b230f0aa6e8a78c655494c40885b606a5ed2e2ba5a1c8729974158e683fd
- 4c9b55906b1d9774cb3a43f3ca11cde266b6ebec0afdcab2dd1bcffa1bd99ec3
- 49127fcef058750578d87b6a4a25c8da77185cdd8796bc589dc5cf31f884c171
- 41bfd96d49bf35bf4ca946b9a51fa8784baf683d634f7ce9e068f6bded979fa2
- 31.44.6.84
- 31.44.5.98
- 188.68.222.151
- 188.68.221.35
- 185.68.93.139
- 162.19.139.184
- http://vivianstyler.ru/index.php
- http://vikompalion.ru/index.php
- http://sephoraofficetz.ru/index.php
- http://rafraystore.ru/index.php
- http://picwalldoor.ru/index.php
- http://monopoliafromyou.ru/download/1.exe
- http://ccbaminumpot.ru/index.php
- http://agentsuperpupervinil.ru/index.php
- vivianstyler.ru
- vikompalion.ru
- sephoraofficetz.ru
- rafraystore.ru
- picwalldoor.ru
- monopoliafromyou.ru
- ccbaminumpot.ru
- agentsuperpupervinil.ru
Attack Patterns
- Trojan:Win32/SmokeLoader
- taleshot
- uac-0006
- T1109
- T1087.001
- T1003.001
- T1490
- T1070.004
- T1489
- T1486
- T1498
- T1485
- T1112