UAC-0050 new campaign details
Jan. 30, 2024, 5:07 p.m. | /u/arieldavidpur
cybersecurity www.reddit.com
IOCs:
File names:
xn--80ane1aq.7z
invoice.7z
Hashes (SHA256):
Subject Pattern:
Payment request
Invoices
(Ukrainian+English)
Network:
104[.]192[.]141[.]1
188[.]114[.]97[.]7
89[.]23[.]98[.]22 [SMB]
\\89[.]23[.]98[.]22\UR\lmncr2rs[.]exe
⚒ TTPs:
T1027 - Obfuscated Files or Information
T1021 - Remote Services
T1566 …