Trident Ursa aka Gamaredon APT Attack Detection: Russia-Backed Hackers Escalate Offensive Activity by Targeting a Petroleum Refinery in a NATO Country  - SOC Prime
Tags
cmtmf-attack-pattern: Application Layer Protocol Boot Or Logon Autostart Execution Scheduled Task/Job
country: Russia Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Data Application Layer Protocol - T1437 Boot Or Logon Autostart Execution - T1547 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Fast Flux Dns - T1568.001 Fast Flux Dns - T1325 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Scheduled Task/Job - T1603 Web Services - T1583.006 Web Services - T1584.006 Standard Application Layer Protocol - T1071 Modify Registry - T1112 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID a05e5159-d2af-49c9-bd2a-c8fea07e3e23
Fingerprint a4758dd78394ef45
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 22, 2022, 2:45 p.m.
Added to db Dec. 22, 2022, 4:44 p.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Trident Ursa aka Gamaredon APT Attack Detection: Russia-Backed Hackers Escalate Offensive Activity by Targeting a Petroleum Refinery in a NATO Country
Title Trident Ursa aka Gamaredon APT Attack Detection: Russia-Backed Hackers Escalate Offensive Activity by Targeting a Petroleum Refinery in a NATO Country  - SOC Prime
Detected Hints/Tags/Attributes 62/4/6
Source URLs
Redirection Url
Details Source https://socprime.com/blog/trident-ursa-aka-gamaredon-apt-attack-detection-russia-backed-hackers-escalate-offensive-activity-by-targeting-a-petroleum-refinery-in-a-nato-country/
URL Provider
Details Provider Source level domain
Details socprime.com socprime.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 237 SOC Prime https://socprime.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 40 
UAC-0010
Details File 4 
gammaload.ps1
Details MITRE ATT&CK Techniques 444 
T1071
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 207 
T1547
Details MITRE ATT&CK Techniques 550 
T1112