GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Common Information
Type Value
UUID 8eac2a3f-ed2d-4bdb-b74e-28656fc75089
Fingerprint 0f9b014a9817a1976e61a7e1113145a052d81b67be4e7f7393437904d5c9852d
Analysis status DONE
Considered CTI value 2
Text language
Published May 29, 2024, 2:26 p.m.
Added to db June 2, 2024, 10:14 a.m.
Last updated Oct. 1, 2024, 3:46 p.m.
Headline GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Title GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns
Detected Hints/Tags/Attributes 194/4/149
Attributes
Details Type #Events CTI Value
Details Microsoft Patch Numbers 3
KB5021042
Details MITRE ATT&CK Techniques 82
T1583.001
Details MITRE ATT&CK Techniques 21
T1583.006
Details MITRE ATT&CK Techniques 49
T1608.001
Details MITRE ATT&CK Techniques 17
T1608.005
Details MITRE ATT&CK Techniques 310
T1566.001
Details MITRE ATT&CK Techniques 183
T1566.002
Details MITRE ATT&CK Techniques 460
T1059.001
Details MITRE ATT&CK Techniques 333
T1059.003
Details MITRE ATT&CK Techniques 137
T1059.005
Details MITRE ATT&CK Techniques 93
T1059.007
Details MITRE ATT&CK Techniques 97
T1497.001
Details MITRE ATT&CK Techniques 66
T1564.003
Details MITRE ATT&CK Techniques 10
T1056.003
Details MITRE ATT&CK Techniques 25
T1111
Details MITRE ATT&CK Techniques 230
T1033
Details MITRE ATT&CK Techniques 18
T1102.001
Details MITRE ATT&CK Techniques 4
T1102.003
Details MITRE ATT&CK Techniques 99
T1132.001
Details Threat Actor Identifier - APT 783
APT28
Details Url 1
https://windows-update-service.github.io/kb5021042/update.html?id=[guid]
Details Url 1
https://microsoft-update-com.github.io/kb5021042/update.html?id=[guid]