ioc[.]one - OSINT Cyber Threat Intelligence Database

UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex - SOC Prime

Tags

cmtmf-attack-pattern:	Boot Or Logon Autostart Execution Command And Scripting Interpreter Masquerading
country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Boot Or Logon Autostart Execution - T1547 Command And Scripting Interpreter - T1623 Disable Or Modify System Firewall - T1562.004 Impair Defenses - T1562 Impair Defenses - T1629 Ingress Tool Transfer - T1544 Javascript - T1059.007 Masquerading - T1655 Mshta - T1218.005 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Registry Run Keys / Startup Folder - T1547.001 Windows Command Shell - T1059.003 Visual Basic - T1059.005 Command-Line Interface - T1059 Remote File Copy - T1105 Masquerading - T1036 Mshta - T1170 Powershell - T1086 Signed Binary Proxy Execution - T1218 Masquerading

Show in Graph

Common Information

Type	Value
UUID	3c5f298a-d639-4248-921b-bb3bc3aee123
Fingerprint	c5c5185b1b019947
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 9, 2024, 2:51 p.m.
Added to db	Dec. 9, 2024, 4:48 p.m.
Last updated	Dec. 18, 2024, 10:26 p.m.
Headline	UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex
Title	UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex - SOC Prime
Detected Hints/Tags/Attributes	58/4/13

Source URLs

	Redirection	Url
Details	Source	https://socprime.com/blog/uac-0185-aka-unc4221-attack-detection/

URL Provider

Details	Provider	Source level domain
Details	socprime.com	socprime.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	237	✔	SOC Prime	https://socprime.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CERT Ukraine	8		UAC-0185
Details	File	4		mil.cer
Details	File	500		mshta.exe
Details	File	3		front.png
Details	File	3		main.bat
Details	Mandiant Uncategorized Groups	5		UNC4221
Details	MITRE ATT&CK Techniques	496		T1059.001
Details	MITRE ATT&CK Techniques	358		T1059.003
Details	MITRE ATT&CK Techniques	148		T1059.005
Details	MITRE ATT&CK Techniques	407		T1547.001
Details	MITRE ATT&CK Techniques	124		T1218
Details	MITRE ATT&CK Techniques	78		T1562.004
Details	MITRE ATT&CK Techniques	512		T1105