CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Tags
country: Georgia Russia Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Visual Basic - T1059.005 Web Service - T1481 Powershell - T1086 Remote Desktop Protocol - T1076 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID da4f8a13-3f2b-4ee4-9637-52b5e9927138
Fingerprint 841e2fb31f19efe0
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 26, 2024, 9:09 a.m.
Added to db Oct. 26, 2024, 12:13 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware
Title CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Detected Hints/Tags/Attributes 50/3/22
Source URLs
Redirection Url
Details Source https://nationalcybersecurity.com/cert-ua-identifies-malicious-rdp-files-in-latest-attack-on-ukrainian-entities-hacking-cybersecurity-infosec-comptia-pentest-ransomware/?utm_source=rss&utm_medium=rss&utm_campaign=cert-ua-identifies-malicious-rdp-files-in-latest-attack-on-ukrainian-entities-hacking-cybersecurity-infosec-comptia-pentest-ransomware
URL Provider
Details Provider Source level domain
Details nationalcybersecurity.com nationalcybersecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 6 National Cyber Security Consulting http://nationalcybersecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 13 
UAC-0215
Details CERT Ukraine 7 
UAC-0218
Details CERT Ukraine 6 
UAC-0001
Details Domain 6 
ca-west-1.mfa-gov.cloud
Details Domain 4 
central-2-aws.ua-aws.army
Details Domain 6 
us-east-2-aws.ua-gov.cloud
Details Domain 5 
s3-aws.cloud
Details Domain 5 
s3-fbi.cloud
Details Domain 5 
s3-nsa.cloud
Details Domain 5 
s3-proofpoint.cloud
Details Domain 5 
aws-ukraine.cloud
Details Domain 4 
aws-data.cloud
Details Domain 4 
aws-s3.cloud
Details Domain 4 
aws-il.cloud
Details Domain 4 
aws-join.cloud
Details Domain 5 
aws-meet.cloud
Details Domain 4 
aws-meetings.cloud
Details Domain 4 
aws-online.cloud
Details Domain 4 
aws-secure.cloud
Details File 6 
browser.ps1
Details Threat Actor Identifier - APT 665 
APT29
Details Threat Actor Identifier - APT 783 
APT28