mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add UAC-0149
This commit is contained in:
parent
337c21be5b
commit
2de3357ec0
1 changed files with 11 additions and 0 deletions
|
@ -15896,6 +15896,17 @@
|
|||
},
|
||||
"uuid": "ee8b8fc4-59f4-4442-a4e6-3686d09c6509",
|
||||
"value": "UTA0218"
|
||||
},
|
||||
{
|
||||
"description": "UAC-0149 is a threat actor targeting the Armed Forces of Ukraine with COOKBOX malware. They use obfuscation techniques like character encoding and base64 encoding to evade detection. The group leverages dynamic DNS services and Cloudflare Workers for their C2 infrastructure.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://socprime.com/blog/uac-0149-attack-detection-hackers-launch-a-targeted-attack-against-the-armed-forces-of-ukraine-as-cert-ua-reports/",
|
||||
"https://cert.gov.ua/article/6277849"
|
||||
]
|
||||
},
|
||||
"uuid": "f5f6d4eb-1ec3-494e-807d-5b767122f9b2",
|
||||
"value": "UAC-0149"
|
||||
}
|
||||
],
|
||||
"version": 307
|
||||
|
|
Loading…
Reference in a new issue