UNC530
· Published 21/12/2025 05:36 · Modified 21/12/2025 05:36
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 05:36
- Modified
- 21/12/2025 05:36
- Updated at
- 21/12/2025 05:36
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 11 attack patterns (mitre), 1 countries, 93 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
11 MITREs 102 Observables 1 APT
Attack patterns (MITRE) (11)
-
T1027 usesObfuscated Files or Information MITRE
-
T1036.004 usesMasquerade Task or Service MITRE
-
T1219 usesRemote Access Tools MITRE
-
BITS Jobs usesBITS Jobs MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1059.007 usesJavaScript MITRE
-
T1059.001 usesPowerShell MITRE
-
T1204.002 usesMalicious File MITRE
-
T1071.001 usesWeb Protocols MITRE
-
T1560.001 usesArchive via Utility MITRE
-
T1036.005 usesMatch Legitimate Resource Name or Location MITRE
Countries (1)
-
Ukraine targets
Indicators (93)
-
eb49a27fb886dab6d90cb5f68e9c753ae408ee656aa942bebe7ac5b2fc68891aindicates -
http://94.158.247.32/pr.11.04indicates -
7be88e131a6e180f32aab59734be70ac57d773c5b68bd7919dd32f6f6f9b3de1indicates -
6b78350cfdff778ae68b47980deeb8841d0a8a2488eb3cb6ce500758df66544eindicates -
4a98d11230dc0ab117534f78a9d626b754c0c9d7957a8d343a8f0e7a332f68ceindicates -
0c0534d036dcf5cc5152b2dcb03e837b5bf8c66481d283bd637373cd49b66f7findicates -
e21ac7085a3e38942016f3cb8db4d2f3ba0e7846c7ffb0cc7eb1d2bc0953d6d4indicates -
21623210a29df18c000dbf3fcc5bb4885e8a03915f47b152a93a07f66eb2e90findicates -
http://194.180.191.72/c/haze.pdfindicates -
7694a7f4764b9015fe00f68cd75d06f7dae77fd64c58c9bcb83fd8196cc17d4bindicates -
89feb40e4a98e3592054dbd8c4d47a9edbeb308659cf4d1ef9e3deba6f38a698indicates -
40f3e18c474e02c71620c611e2e3827793d7f07d26cc49396be500baa37dc872indicates