CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities - RedPacket Security
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ad6ed5c3-7548-4760-a3e8-b4cff0edbd5b |
| Fingerprint | c49e2f730f19efe0 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 26, 2024, 8:01 a.m. |
| Added to db | Oct. 26, 2024, 9:15 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities |
| Title | CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities - RedPacket Security |
| Detected Hints/Tags/Attributes | 47/3/22 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 361 | ✔ | RedPacket Security | https://www.redpacketsecurity.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT Ukraine | 13 | UAC-0215 |
|
| Details | CERT Ukraine | 7 | UAC-0218 |
|
| Details | CERT Ukraine | 6 | UAC-0001 |
|
| Details | Domain | 6 | ca-west-1.mfa-gov.cloud |
|
| Details | Domain | 4 | central-2-aws.ua-aws.army |
|
| Details | Domain | 6 | us-east-2-aws.ua-gov.cloud |
|
| Details | Domain | 5 | aws-ukraine.cloud |
|
| Details | Domain | 4 | aws-data.cloud |
|
| Details | Domain | 4 | aws-s3.cloud |
|
| Details | Domain | 4 | aws-il.cloud |
|
| Details | Domain | 4 | aws-join.cloud |
|
| Details | Domain | 5 | aws-meet.cloud |
|
| Details | Domain | 4 | aws-meetings.cloud |
|
| Details | Domain | 4 | aws-online.cloud |
|
| Details | Domain | 4 | aws-secure.cloud |
|
| Details | Domain | 5 | s3-aws.cloud |
|
| Details | Domain | 5 | s3-fbi.cloud |
|
| Details | Domain | 5 | s3-nsa.cloud |
|
| Details | Domain | 5 | s3-proofpoint.cloud |
|
| Details | File | 6 | browser.ps1 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |