← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Cyber attack of UAC-0010 group (Armageddon) on state organizations of Ukraine
The Governmental Team for Response to Computer Emergencies of Ukraine CERT-UA received an e-mail from the coordinating subject with the subject "№1275 from 07.04.2022", containing the HTML file of the same name, the opening of which will lead to the creation of an archive on the computer " 1275_07.04.2022.rar ". The latter contains an LNK file "On the facts of persecution and murder of prosecutors by the Russian military in the temporarily occupied territories.lnk", the opening of which will lead to the download and launch of the payload.
Indicators of Compromise (34)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | bounceme.no | — | 2022-04-08 | |
| domain | ddns.no | — | 2022-04-08 | |
| domain | freedynamicdns.no | — | 2022-04-08 | |
| domain | onthewifi.com | — | 2022-04-08 | |
| domain | redirectme.no | — | 2022-04-08 | |
| domain | serveblog.no | — | 2022-04-08 | |
| domain | serveer.com | — | 2022-04-08 | |
| domain | serveminecraft.no | — | 2022-04-08 | |
| domain | sytes.no | — | 2022-04-08 | |
| domain | viewdns.no | — | 2022-04-08 | |
| URL | http://m-vz.webhop.me | — | 2022-04-08 | |
| domain | bilitora.ru | — | 2022-04-08 | |
| domain | billyhot.ru | — | 2022-04-08 | |
| domain | dodortar.ru | — | 2022-04-08 | |
| domain | kopratiso.ru | — | 2022-04-08 | |
| domain | nitikora.ru | — | 2022-04-08 | |
| military-prosecutor@post.cz | — | 2022-04-08 | ||
| hostname | d-upl.ddns.no | — | 2022-04-08 | |
| hostname | dod-upload.dodortar.ru | — | 2022-04-08 | |
| hostname | ln-upl.ddns.no | — | 2022-04-08 | |
| hostname | lnk-upload.dodortar.ru | — | 2022-04-08 | |
| hostname | m-vz.webhop.me | — | 2022-04-08 | |
| hostname | up-dot.myftp.org | — | 2022-04-08 | |
| hostname | up-lnk.myftp.org | — | 2022-04-08 | |
| FileHash-MD5 | 16868c4fadd1d4874bcb32c6fa80123b | — | 2022-04-08 | |
| FileHash-MD5 | 1cce0fb426cd2bd3182c544af19e9c61 | — | 2022-04-08 | |
| FileHash-MD5 | b4f22ee176ab9f579cad79c85c18a72a | — | 2022-04-08 | |
| FileHash-MD5 | cde5cb3f8bb1d520a52d7e279155fc39 | — | 2022-04-08 | |
| FileHash-MD5 | d6fe6243a9b4293db6384f22524ff709 | — | 2022-04-08 | |
| FileHash-SHA256 | 208fc38faf5a2267d837971b48889e855c0edc164c0b2edefff08d0782ccf1bb | — | 2022-04-08 | |
| FileHash-SHA256 | 69366a4e652041c78c2cc267288a4c4bb0d4eece4074adda82eecd11d9dcf08d | — | 2022-04-08 | |
| FileHash-SHA256 | 890f25ee7cfb2931536ee3e12fb75ce3f0be21ec03bdfdb38dc688db06e07198 | — | 2022-04-08 | |
| FileHash-SHA256 | 945d49d58d2d3041aad9445487f01a13d863cf8e76151e9a5008615175f7e52e | — | 2022-04-08 | |
| FileHash-SHA256 | de4040a631b95044e08797837e2143c64ef7c6b981547a9220f8ed7b40701ef9 | — | 2022-04-08 |
References (1)