Cyberattack UAC-0125 using the “Army+” theme (CERT-UA#12559)
Common Information
Type Value
UUID 5ffe5a93-236e-48fb-9ee7-5fcb0cbbde4d
Fingerprint 24c767692436afc4
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 18, 2024, 4:49 p.m.
Added to db Dec. 18, 2024, 6:04 p.m.
Last updated Dec. 23, 2024, 7:16 a.m.
Detected Hints/Tags/Attributes 27/2/30
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Details 171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 9
UAC-0125
Details CERT Ukraine 7
UAC-0002
Details File 6
mil.cer
Details File 4
23722.exe
Details File 4
armyplus.exe
Details File 19
init.ps1
Details File 1
office16.iso
Details File 1
23672.exe
Details File 2
guid.txt
Details Threat Actor Identifier - APT 33
APT44