UAC-0050 new ongoing campaign details
Jan. 30, 2024, 5:08 p.m. | /u/arieldavidpur
Malware Analysis & Reports www.reddit.com
IOCs:
File names:
xn--80ane1aq.7z
invoice.7z
Hashes (SHA256):
Subject Pattern:
Payment request
Invoices
(Ukrainian+English)
Network:
104[.]192[.]141[.]1
188[.]114[.]97[.]7
89[.]23[.]98[.]22 [SMB]
\\89[.]23[.]98[.]22\UR\lmncr2rs[.]exe
⚒ TTPs:
T1027 - Obfuscated Files or Information
T1021 - Remote Services
T1566 …