UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the "Army+" Application - SOC Prime
Common Information
Type | Value
UUID | 4ae851b1-50a4-4c2a-a907-b6b774cba762
Fingerprint | 84c78d9501958a44
Analysis status | DONE
Considered CTI value | 2
Text language |
Published | Dec. 18, 2024, 1:50 p.m.
Added to db | Dec. 18, 2024, 3:13 p.m.
Last updated | Dec. 23, 2024, 11:16 a.m.
Headline | UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the “Army+” Application
Title | UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the "Army+" Application - SOC Prime
Detected Hints/Tags/Attributes | 79/4/19
RSS Feed
Id | Enabled | Feed title | Url | Added to db
237 | | SOC Prime | https://socprime.com/feed/ | 2024-08-30 22:08
Attributes
Type | #Events | CTI Value
CERT Ukraine | 9 | UAC-0125
CERT Ukraine | 12 | UAC-0099
CERT Ukraine | 7 | UAC-0002
CERT Ukraine | 3 | UAC-0133
CERT Ukraine | 23 | UAC-0082
File | 6 | mil.cer
File | 4 | 23722.exe
File | 4 | armyplus.exe
File | 19 | init.ps1
MITRE ATT&CK Techniques | 468 | T1566
MITRE ATT&CK Techniques | 510 | T1059.001
MITRE ATT&CK Techniques | 75 | T1564.003
MITRE ATT&CK Techniques | 1062 | T1082
MITRE ATT&CK Techniques | 166 | T1560
MITRE ATT&CK Techniques | 50 | T1090.003
MITRE ATT&CK Techniques | 101 | T1572
MITRE ATT&CK Techniques | 82 | T1573.002
MITRE ATT&CK Techniques | 457 | T1041
Threat Actor Identifier - APT | 33 | APT44