mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Add UAC-0099
This commit is contained in:
parent
fc8db1a4d2
commit
273379e5fa
1 changed files with 11 additions and 0 deletions
|
@ -13963,6 +13963,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "bfc538e1-9205-420a-8641-6292023ecd08",
|
"uuid": "bfc538e1-9205-420a-8641-6292023ecd08",
|
||||||
"value": "HomeLand Justice"
|
"value": "HomeLand Justice"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UAC-0099 is a threat actor that has been active since at least May 2023, targeting Ukrainian entities. They have been observed using a known WinRAR vulnerability to carry out attacks, indicating a level of sophistication. The actor relies on PowerShell and the creation of scheduled tasks to execute malicious VBS files for initial infection. Monitoring and limiting the functionality of these components can help mitigate the risk of UAC-0099 attacks.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://cert.gov.ua/article/4818341",
|
||||||
|
"https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "267488cb-159a-46d6-a6d6-fe93c90360b2",
|
||||||
|
"value": "UAC-0099"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 296
|
"version": 296
|
||||||
|
|
Loading…
Reference in a new issue