Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 70ff1270-2f4a-408e-9238-34bf2a323ac1 |
| Fingerprint | b530a5d34c7287c1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 3, 2022, 9 p.m. |
| Added to db | Sept. 11, 2022, 12:33 p.m. |
| Last updated | Nov. 17, 2024, 6:30 p.m. |
| Headline | Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22) |
| Title | Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22) |
| Detected Hints/Tags/Attributes | 0/0/109 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Autonomous System Number | 8 | AS197695 |
|
| Details | Domain | 2 | libre4.space |
|
| Details | Domain | 51 | reg.ru |
|
| Details | Domain | 1 | bitsadmin.space |
|
| Details | Domain | 1 | bigger96.allow.endanger.hokoldar.ru |
|
| Details | Domain | 1 | lovers.cam |
|
| Details | Domain | 1 | classroom14.nay.sour.reapart.ru |
|
| Details | Domain | 1 | priest.elitoras.ru |
|
| Details | Domain | 1 | principal.dot |
|
| Details | Domain | 1 | although.coferto.ru |
|
| Details | Domain | 1 | amazing.dot |
|
| Details | Domain | 1 | source68.alternate.vadilops.ru |
|
| Details | Domain | 3 | hokoldar.ru |
|
| Details | Domain | 3 | reapart.ru |
|
| Details | Domain | 49 | ukr.net |
|
| Details | Domain | 3 | dmsu.gov.ua |
|
| Details | Domain | 2 | technec.org |
|
| Details | Domain | 1 | ip45-159-200-109.crelcom.ru |
|
| Details | Domain | 3 | jolotras.ru |
|
| Details | Domain | 3 | moolin.ru |
|
| Details | Domain | 2 | naniga.ru |
|
| Details | Domain | 2 | nonimak.ru |
|
| Details | Domain | 2 | bokuwai.ru |
|
| Details | Domain | 3 | krashand.ru |
|
| Details | Domain | 3 | gorigan.ru |
|
| Details | Domain | 1 | 637753576301692900.jolotras.ru |
|
| Details | Domain | 1 | 637753623005957947.jolotras.ru |
|
| Details | Domain | 1 | 637755024217842817.jolotras.ru |
|
| Details | Domain | 1 | aaaa.nonimak.ru |
|
| Details | Domain | 1 | aaaaa.nonimak.ru |
|
| Details | Domain | 1 | aaaaaa.nonimak.ru |
|
| Details | Domain | 1 | 0enhzs.moolin.ru |
|
| Details | Domain | 1 | 0ivrlzyk.moolin.ru |
|
| Details | Domain | 1 | 0nxfri.moolin.ru |
|
| Details | Domain | 1 | 9lgo990cnmjxzwrdyksjbv.jolotras.ru |
|
| Details | Domain | 2 | bilargo.ru |
|
| Details | Domain | 2 | firtabo.ru |
|
| Details | Domain | 2 | firasto.ru |
|
| Details | Domain | 2 | myces.ru |
|
| Details | Domain | 2 | teroba.ru |
|
| Details | Domain | 2 | bacilluse.ru |
|
| Details | Domain | 2 | circulas.ru |
|
| Details | Domain | 2 | megatos.ru |
|
| Details | Domain | 2 | phymateus.ru |
|
| Details | Domain | 2 | cerambycidae.ru |
|
| Details | Domain | 2 | coleopteras.ru |
|
| Details | Domain | 2 | danainae.ru |
|
| Details | Domain | 2 | takak.ru |
|
| Details | Domain | 2 | rimien.ru |
|
| Details | Domain | 2 | maizuko.ru |
|
| Details | Domain | 3 | iruto.ru |
|
| Details | Domain | 4 | gloritapa.ru |
|
| Details | Domain | 3 | gortisir.ru |
|
| Details | Domain | 3 | gortomalo.ru |
|
| Details | Domain | 2 | langosta.ru |
|
| Details | Domain | 2 | malgaloda.ru |
|
| Details | Domain | 1 | deep-rooted.gloritapa.ru |
|
| Details | Domain | 1 | deep-sinking.gloritapa.ru |
|
| Details | Domain | 1 | deepwaterman.gloritapa.ru |
|
| Details | Domain | 1 | deepnesses.gloritapa.ru |
|
| Details | Domain | 1 | deep-lunged.gloritapa.ru |
|
| Details | Domain | 1 | deerfood.gortomalo.ru |
|
| Details | Domain | 1 | deerbrook.gortomalo.ru |
|
| Details | Domain | 1 | despite.gortisir.ru |
|
| Details | Domain | 1 | des.gortisir.ru |
|
| Details | Domain | 1 | desire.gortisir.ru |
|
| Details | Domain | 1 | alley81.salts.kolorato.ru |
|
| Details | Domain | 1 | allied.striman.ru |
|
| Details | Domain | 1 | allowance.hazari.ru |
|
| Details | Domain | 1 | allowance.telefar.ru |
|
| Details | Domain | 1 | ally.midiatr.ru |
|
| Details | Domain | 1 | allocate54.previously.bilorotka.ru |
|
| Details | Domain | 1 | alluded6.perfect.bilorotka.ru |
|
| Details | Domain | 1 | already67.perfection.zanulor.ru |
|
| Details | Domain | 1 | already8.perfection.zanulor.ru |
|
| Details | Domain | 1 | deerflys.gortomalo.ru |
|
| Details | Domain | 1 | deepmost.fly |
|
| Details | Domain | 1 | deer-neck.gortomalo.ru |
|
| Details | 1 | yana_gurina@ukr.net |
||
| Details | 1 | 6524@dmsu.gov.ua |
||
| Details | File | 1 | максим.docx |
|
| Details | File | 1 | maksim.docx |
|
| Details | File | 1 | рязанцева.docx |
|
| Details | File | 1 | suspicious.docx |
|
| Details | File | 1 | допиту.docx |
|
| Details | File | 1 | protocol.docx |
|
| Details | File | 1 | телеграмма.docx |
|
| Details | File | 1 | telegram.docx |
|
| Details | File | 1 | язки_потерпілого.docx |
|
| Details | File | 1 | victim.docx |
|
| Details | File | 1 | 2017.docx |
|
| Details | File | 1 | тимошечкин.docx |
|
| Details | File | 1 | timoshechkin.docx |
|
| Details | File | 1 | кличко.docx |
|
| Details | File | 1 | conclusion.docx |
|
| Details | File | 1 | ін.docx |
|
| Details | File | 1 | al.docx |
|
| Details | File | 1 | місяців.doc |
|
| Details | File | 1 | months.doc |
|
| Details | File | 1 | principal.dot |
|
| Details | File | 1 | amazing.dot |
|
| Details | File | 3 | msrc4plugin_for_sc.dsm |
|
| Details | File | 1 | qlpxpqpopdpnprpc.ini |
|
| Details | File | 10 | ultravnc.ini |
|
| Details | File | 1 | yiibibiqiziiibi2.jpg |
|
| Details | File | 1 | kqt5tmtetytjt4tg.jpg |
|
| Details | File | 1 | owxxxgxzxqxxxexw.jpg |
|
| Details | File | 3 | rc4.key |
|
| Details | File | 2 | sysctl.exe |