ioc[.]one - OSINT Cyber Threat Intelligence Database

Destructive malware targeting Ukrainian organizations - Microsoft Security Blog

Tags

country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001

Show in Graph

Common Information

Type	Value
UUID	bc578b83-ce38-4c4a-8453-233f267bff04
Fingerprint	75302ab71c6d8295
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 15, 2022, 6:28 p.m.
Added to db	Sept. 11, 2022, 12:43 p.m.
Last updated	Nov. 17, 2024, 10:40 p.m.
Headline	Destructive malware targeting Ukrainian organizations
Title	Destructive malware targeting Ukrainian organizations - Microsoft Security Blog
Detected Hints/Tags/Attributes	62/3/9

Source URLs

	Redirection	Url
Details	Source	https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/

URL Provider

Details	Provider	Source level domain
Details	microsoft.com	www.microsoft.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	6		djvu.sh
Details	File	16		stage1.exe
Details	File	20		stage2.exe
Details	File	2126		cmd.exe
Details	File	1		c:\stage1.exe
Details	sha256	20		a196c6b8ffcb97ffb276d04f354696e2391311db3841ae16c8c9f56f36a38e92
Details	sha256	21		dcbbae5a1c61dbbbb7dcd6dc5dd1eb1169f5329958d38b58c3fd9384081c9b78
Details	IPv4	1441		127.0.0.1
Details	Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development)	51		DEV-0586