UAC-0006
· Published 21/12/2025 04:55 · Modified 21/12/2025 12:11
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:55
- Modified: 21/12/2025 12:11
- Updated at: 21/12/2025 12:11
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 2 reports, 23 attack patterns (MITRE), 5 malware, 2 sectors, 1 country, 84 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
- 13 MITREs · 3 Malwares · 62 Observables · 1 APT · Published 10/02/2025 20:44 · Modified 10/02/2025 20:57
- 10 MITREs · 2 Malwares · 31 Observables · 1 APT · Published 22/05/2024 07:56 · Modified 22/05/2024 08:24
Attack patterns (MITRE) (23)
- T1087.001 · uses · Local Account
- T1490 · uses · Inhibit System Recovery
- T1195 · uses · Supply Chain Compromise
- T1489 · uses · Service Stop
- T1547 · uses · Boot or Logon Autostart Execution
- T1204 · uses · User Execution
- T1485 · uses · Data Destruction
- T1036 · uses · Masquerading
- T1566 · uses · Phishing
- T1055 · uses · Process Injection
- T1176 · uses · Software Extensions
- T1498 · uses · Network Denial of Service
- T1003 · uses · OS Credential Dumping
- T1109 · uses
- T1070.004 · uses · File Deletion
- T1571 · uses · Non-Standard Port
- T1218 · uses · System Binary Proxy Execution
- T1027 · uses · Obfuscated Files or Information
- T1105 · uses · Ingress Tool Transfer
- T1059 · uses · Command and Scripting Interpreter
- T1003.001 · uses · LSASS Memory
- T1112 · uses · Modify Registry
- T1486 · uses · Data Encrypted for Impact
Malware (5)
- Family · Published 22/05/2024 07:56 · Modified 22/05/2024 07:56
- SmokeLoader · uses · Family · Published 16/09/2025 08:02 · Modified 16/09/2025 08:02
- UAC-0006 · uses · Family · Published 10/02/2025 20:44 · Modified 10/02/2025 20:44
- taleshot · uses · Family · Published 22/05/2024 07:56 · Modified 22/05/2024 07:56
- Demo · uses · Family · Published 10/02/2025 20:44 · Modified 10/02/2025 20:44
Sectors (2)
- Critical Systems targets
- Finance targets
Countries (1)
- Ukraine targets
Indicators (84)