mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add UAC-0184
This commit is contained in:
parent
b010a75426
commit
7b3c8a87c3
1 changed files with 11 additions and 0 deletions
|
@ -15279,6 +15279,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "d3cda6b1-a5da-4afc-bee4-80ea2cf05e5e",
|
"uuid": "d3cda6b1-a5da-4afc-bee4-80ea2cf05e5e",
|
||||||
"value": "SPIKEDWINE"
|
"value": "SPIKEDWINE"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UAC-0184 is a threat actor targeting Ukrainian organizations in Finland, using the Remcos Remote Access Trojan in their attacks. They have been observed utilizing steganographic image files and the IDAT Loader to deliver the malware. The group has targeted the Armed Forces of Ukraine and impersonated military recruitment processes to infect systems with the Remcos RAT.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.morphisec.com/unveiling-uac-0184-the-remcos-rat-steganography-saga",
|
||||||
|
"https://cert.gov.ua/article/6276988"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "0e3224a0-3544-47d7-b1ce-fb3eb21286ad",
|
||||||
|
"value": "UAC-0184"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 302
|
"version": 302
|
||||||
|
|
Loading…
Reference in a new issue