Armageddon is more than a Grammy-nominated album

216.73.217.98

Armageddon is more than a Grammy-nominated album

· Published 26/06/2024 08:18 · Modified 26/06/2024 08:27

Essential information

Published: 26/06/2024 08:18
Modified: 26/06/2024 08:27
Tags: 2024-06-26 geopolitics russia ukraine
Related entities: 102 observables, 1 intrusion sets (apt), 11 techniques (mitre), 1 others

Description

This report details a Russia-linked threat actor targeting Ukraine, employing various obfuscation techniques. The malicious activity involves dropping a compressed file disguised as a RAR archive, which fetches a remote image likely for tracking execution. The payload employs mshta.exe to execute remote content and leverages LNK files with crafted filenames. The techniques suggest an effort to evade detection and hamper analysis.

External references

https://blog.strikeready.com/blog/armageddon-is-more-than-a-grammy-nominated-album/
https://otx.alienvault.com/pulse/667bceea6851fd16532946b9