← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
WHITE PetrP.73 2026-03-06 Modified: 2026-03-06
9
IOCs
LOW VOLUME
The ClearSky Team has identified a targeted cyber campaign attributed to Russian state-aligned threat actors, aimed specifically at Ukraine. This campaign employs two newly uncovered malware strains known as BadPaw and MeowMeow. The initial attack vector involves phishing emails that direct victims to download a ZIP archive. Upon extraction, it executes an HTA file which presents a deceptive document in Ukrainian regarding border crossing appeals. Concurrently, this triggers the download of the BadPaw loader, which is implemented using .NET technologies.
badpawmeowmeow
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
BadPaw MeowMeow
Indicators of Compromise (9)
All FileHash-MD5 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 2c5ef1a0fed545aaaf803964bb4da2e3 2026-03-06
FileHash-SHA256 160e40a763dfb518dc6929c2d7838d3f9eafab09eab1e8d0b00c69f6b73d681b 2026-03-06
FileHash-SHA256 6cad470e10c09151b5d337a082a088cfe25d697ef295e02759e1e68e8b3bbbcb 2026-03-06
URL http://infotrackerstatistic.live/open?token=2c5ef1a0fed545aaaf803964bb4da2e3 2026-03-06
URL http://virtualdailyplanner.pro/eventmanager: 2026-03-06
URL http://virtualdailyplanner.pro/getcalendar: 2026-03-06
URL http://virtualdailyplanner.pro/planneractivate 2026-03-06
domain infotrackerstatistic.live 2026-03-06
domain virtualdailyplanner.pro 2026-03-06
References (1)
↗ https://www.clearskysec.com/wp-content/uploads/2026/03/BadPaw_and_MeowMeow.pdf