UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the "Army+" Application - SOC Prime
Common Information
Type | Value |
---|---|
UUID | 4ae851b1-50a4-4c2a-a907-b6b774cba762 |
Fingerprint | 84c78d9501958a44 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 18, 2024, 1:50 p.m. |
Added to db | Dec. 18, 2024, 3:13 p.m. |
Last updated | Dec. 23, 2024, 11:16 a.m. |
Headline | UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the “Army+” Application |
Title | UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the "Army+" Application - SOC Prime |
Detected Hints/Tags/Attributes | 79/4/19 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://socprime.com/blog/uac-0125-attacks-against-ukraine-detection/ |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 237 | ✔ | SOC Prime | https://socprime.com/feed/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CERT Ukraine | 9 | UAC-0125 | |
Details | CERT Ukraine | 12 | UAC-0099 | |
Details | CERT Ukraine | 7 | UAC-0002 | |
Details | CERT Ukraine | 3 | UAC-0133 | |
Details | CERT Ukraine | 23 | UAC-0082 | |
Details | File | 6 | mil.cer | |
Details | File | 4 | 23722.exe | |
Details | File | 4 | armyplus.exe | |
Details | File | 19 | init.ps1 | |
Details | MITRE ATT&CK Techniques | 468 | T1566 | |
Details | MITRE ATT&CK Techniques | 510 | T1059.001 | |
Details | MITRE ATT&CK Techniques | 75 | T1564.003 | |
Details | MITRE ATT&CK Techniques | 1062 | T1082 | |
Details | MITRE ATT&CK Techniques | 166 | T1560 | |
Details | MITRE ATT&CK Techniques | 50 | T1090.003 | |
Details | MITRE ATT&CK Techniques | 101 | T1572 | |
Details | MITRE ATT&CK Techniques | 82 | T1573.002 | |
Details | MITRE ATT&CK Techniques | 457 | T1041 | |
Details | Threat Actor Identifier - APT | 33 | APT44 | |