Cyberespionage Actor Deploying Malware Using Excel
Tags
country: Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 770d0c10-fa46-4517-ae76-36994777406d
Fingerprint 2c0f0d1121a78614
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 27, 2022, midnight
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 18, 2024, 3:20 p.m.
Headline Cyberespionage Actor Deploying Malware Using Excel
Title Cyberespionage Actor Deploying Malware Using Excel
Detected Hints/Tags/Attributes 51/3/8
Source URLs
Redirection Url
Details Source https://www.govinfosecurity.com/cyber-espionage-actor-deploying-malware-using-excel-a-18830
URL Provider
Details Provider Source level domain
Details govinfosecurity.com www.govinfosecurity.com
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 49 
UAC-0056
Details Domain 131 
api.ipify.org
Details File 1 
'base-update.exe
Details File 1 
java-sdkjava-sdk.exe
Details File 5 
oracle-java.exe
Details File 5 
microsoft-cortana.exe
Details Mandiant Uncategorized Groups 37 
UNC2589
Details Url 1 
https://api.ipify.org/.