{ "name": "Armageddon is more than a Grammy-nominated album", "slug": "armageddon-is-more-than-a-grammy-nominated-album", "description": "This report details a Russia-linked threat actor targeting Ukraine, employing various obfuscation techniques. The malicious activity involves dropping a compressed file disguised as a RAR archive, which fetches a remote image likely for tracking execution. The payload employs mshta.exe to execute remote content and leverages LNK files with crafted filenames. The techniques suggest an effort to evade detection and hamper analysis.", "published": "2024-06-26T06:18:50+00:00", "created_at": "2024-06-26T06:18:50+00:00", "modified_at": "2024-06-26T06:27:31+00:00", "created_at_opencti": "2024-06-26T06:18:50+00:00", "author": "", "confidence": null, "report_types": [], "labels": [], "tags": [ "2024-06-26", "geopolitics", "russia", "ukraine" ], "related_entities": { "observables": [ { "id": "", "name": "194.180.191.72" }, { "id": "", "name": "194.180.191.34" }, { "id": "", "name": "194.180.191.31" }, { "id": "", "name": "194.180.191.12" }, { "id": "", "name": "185.225.19.69" }, { "id": "", "name": "185.225.19.13" }, { "id": "", "name": "94.158.247.32" }, { "id": "", "name": "194.180.191.15" }, { "id": "", "name": "194.180.191.41" }, { "id": "", "name": "http://94.158.247.32/sb.15.04" }, { "id": "", "name": "http://94.158.247.32/pr/quickly.bmp" }, { "id": "", "name": "http://94.158.247.32/pr.11.04" }, { "id": "", "name": "http://94.158.247.32/odd/selected.bmp" }, { "id": "", "name": "http://94.158.247.32/mou/reign.bmp" }, { "id": "", "name": "http://94.158.247.32/odd.15.04" }, { "id": "", "name": "http://94.158.247.32/mou.15.04" }, { "id": "", "name": "http://94.158.247.32/moh.17.04" }, { "id": "", "name": "http://94.158.247.32/fes.17.04" }, { "id": "", "name": "http://194.180.191.72/c/haze.pdf" }, { "id": "", "name": "http://194.180.191.72/c.19.06" }, { "id": "", "name": "http://194.180.191.41/omr/deal.pdf" }, { "id": "", "name": "http://194.180.191.41/omr/bananas.pdf" }, { "id": "", "name": "http://194.180.191.41/omr.11.06" }, { "id": "", "name": "http://194.180.191.34/sukr.19.04" }, { "id": "", "name": "http://194.180.191.34/sukr/regard.tmp" }, { "id": "", "name": "http://194.180.191.34/siz/bandage.tmp" }, { "id": "", "name": "http://194.180.191.34/siz.19.04" }, { "id": "", "name": "http://194.180.191.34/prob.18.04" }, { "id": "", "name": "http://194.180.191.34/gps.19.04" }, { "id": "", "name": "http://194.180.191.34/pr.18.04" }, { "id": "", "name": "http://194.180.191.31/zaliz/regions.tmp" }, { "id": "", "name": "http://194.180.191.31/zaliz.23.04" }, { "id": "", "name": "http://194.180.191.31/odes/relief.tmp" }, { "id": "", "name": "http://194.180.191.31/odes.24.04" }, { "id": "", "name": "http://194.180.191.15/ods/predator.zip" }, { "id": "", "name": "http://194.180.191.15/ods.06.06" }, { "id": "", "name": "http://194.180.191.12/od/barren.7z" }, { "id": "", "name": "http://194.180.191.12/od.04.06" }, { "id": "", "name": "http://185.225.19.69/gm/decency.zip" }, { "id": "", "name": "http://185.225.19.69/gm.03.05" }, { "id": "", "name": "http://185.225.19.13/c/intention.pdf" }, { "id": "", "name": "http://185.225.19.13/c.18.06" }, { "id": "", "name": "ff6029cbbf66db06113a576533d2fdca734c4a44338625cbf58929c9ee87e26a" }, { "id": "", "name": "f79b723fa88f39d5df67f2517b088a12b490673fa07d6a2b35275f7dc573172e" }, { "id": "", "name": "ee237449f2ad354fbe15e9505a96f6682dd66ca8277e93c7424c751d6da201ff" }, { "id": "", "name": "eb49a27fb886dab6d90cb5f68e9c753ae408ee656aa942bebe7ac5b2fc68891a" }, { "id": "", "name": "eaec8cc4876f8e85f387cee5f1443ae48858f7b5b36be395ea0c139c1367d8de" }, { "id": "", "name": "eb0bf4fd7f6653c7083f3e691d566cecc0049e94308f54c8d64af34a54bc78a1" }, { "id": "", "name": "e21ac7085a3e38942016f3cb8db4d2f3ba0e7846c7ffb0cc7eb1d2bc0953d6d4" }, { "id": "", "name": "e18cb739dbb3ab86803db71bf93d407a8bbabfa836eabc85a3133dfc126eb94b" }, { "id": "", "name": "df7e86b3a3c577285b7d00671b93c759cf973a90f2cce0cbff1ace7247015c30" }, { "id": "", "name": "dbf1d945dd6869885a5effcda12e81a626079fb9bb66ede8bb58c3e5539465d2" }, { "id": "", "name": "d20ad28197210f72947f4f14e6a5dd6aafcbf4309d46e8a1bf7f18d107784b77" }, { "id": "", "name": "ce3f4bd2a8c548165ec2a0f41d0bbd1ad5e87a2aebc026e82f15c956ba51ed3d" }, { "id": "", "name": "cddaa6af9fa15fb2e6a8bfffab0fade552331cedac28a179ee9f49dfef37aea1" }, { "id": "", "name": "cd05c4daf81a06e1941833734b20c1b2427e9cbf9b86c1c7fc6515f27932970b" }, { "id": "", "name": "c901f2188065c443575a84249ce012faa735657b79e6dd5dc6697358d59fb574" }, { "id": "", "name": "bd514e1622e557c80252bd000060e8221c651e485a43e795fce47ab60a1d8468" }, { "id": "", "name": "bccaa77cf271e8e2c4aaf9982154e8166445c05274d3f58a8352b5daf0ffa3c9" }, { "id": "", "name": "b0b962951434ff103d45db66096e04d468c757379081e6ef534da800ed6a6cef" }, { "id": "", "name": "a8e291d181c01f7e25e14910b60755d0d439ab1d8616ce0e122514b3fed3dc52" }, { "id": "", "name": "a459022936dbffe74089f1ed8160303f1fe909ff459842397d507c0b198a5ee1" }, { "id": "", "name": "a2376a67640be242bec5c9ffe46822abab2361f7210a8d9ad6333df45e67117f" }, { "id": "", "name": "9e774b37b930c3f0c79311f6de448bc5602e16edfef92f4ff09645f27217cdea" }, { "id": "", "name": "9de40cb245c783935d8a7c809262f91f6a511baed67d758b7c48de7b3505e7b0" }, { "id": "", "name": "8e5f93ffef422ac9f6f19b840509aba5ae88aa39d846c1e40f04b26c4d20cf79" }, { "id": "", "name": "908b8f5f73ab2dfc7bf3070868d219d1b45f8e2d1f560162dddfd6ce19ed7592" }, { "id": "", "name": "8d660b8e4b5ad82aeeee594545d400483662630d301e832ee35627695a746f95" }, { "id": "", "name": "8c8a3457007f6e2d1d75715d21b0423e9c6b90fd2e62f7b4398180017e3f768f" }, { "id": "", "name": "8ab7601d03c890a078ac9f8763c950b24b5908cb76559110a65dc1d2e4385097" }, { "id": "", "name": "89feb40e4a98e3592054dbd8c4d47a9edbeb308659cf4d1ef9e3deba6f38a698" }, { "id": "", "name": "84bd6f3182ab398d5363fd6b8a375641e08c57318225714a618ffb6b6b10aefb" }, { "id": "", "name": "841585615fc9cb62b0f8410f1a4df38e7d11cc4b48c54e75dcdc051e9308257e" }, { "id": "", "name": "7be88e131a6e180f32aab59734be70ac57d773c5b68bd7919dd32f6f6f9b3de1" }, { "id": "", "name": "7ab474672b5b9a86fd1b00ab6ec5d2164ecab9cf846ebccb65202ed68d65eaf1" }, { "id": "", "name": "78e1b171afbae8b994792bb33a0bf41f39d596def43a6b3e1ac28d7dd27bb8ca" }, { "id": "", "name": "7694a7f4764b9015fe00f68cd75d06f7dae77fd64c58c9bcb83fd8196cc17d4b" }, { "id": "", "name": "6b78350cfdff778ae68b47980deeb8841d0a8a2488eb3cb6ce500758df66544e" }, { "id": "", "name": "6d2f57de35671937d6134bf4d2fdbfe6310a6b184dceecdeaa7f4583eb0ab6f6" }, { "id": "", "name": "602b1284193f71ab87a9b8d656bfd858f113e2f1a9d85d8331740d2c852a075b" }, { "id": "", "name": "5cf828715c004f42eea066b4935511ecb42a4e150235faee482b06904af83cc7" }, { "id": "", "name": "511eb0f06e4c528be6627d537b118bf4932f5a90adc81a3e986beea90f14fe77" }, { "id": "", "name": "55a49f62bdd66c6d6a84f476aa0f64a9b27376164ae1875e273ce9bec2eb7f43" }, { "id": "", "name": "4ade1dc7f4558df1ccc96433e5b26872ab283fcd39e4a3f070480ea62d3e9f30" }, { "id": "", "name": "4a98d11230dc0ab117534f78a9d626b754c0c9d7957a8d343a8f0e7a332f68ce" }, { "id": "", "name": "4520da04e857ac097daa03500ed553ed49ec00e6fc0f349b977a11bbe1ec0924" }, { "id": "", "name": "451f0b06775ab715249635fc6930db45bfa4bd343f448b33a49f4941653a7315" }, { "id": "", "name": "4347d7b2d8d180978f4646ccc457be2de0d0c7db84896e1bcd250d2d834a37b1" }, { "id": "", "name": "40f3e18c474e02c71620c611e2e3827793d7f07d26cc49396be500baa37dc872" }, { "id": "", "name": "406a09578b07415880b035cb8afd688465ffd28a9c7c46680987295ce50d8840" }, { "id": "", "name": "3b5c1f5df0d1d76ee58cf859557f03df35692f2a57d10c111ebdec9f69ac4b34" }, { "id": "", "name": "3afc8955057eb0bae819ead1e7f534f6e5784bbd5b6aa3a08af72e187b157c5b" }, { "id": "", "name": "304e8e18068a34c6aed82d0ad744f94687c08842a51e525a87d22a65db2334e5" }, { "id": "", "name": "268061a244d56a5347ae66364f6a1cf6ab5654d19086fae6d5607b95d8fc793c" }, { "id": "", "name": "21623210a29df18c000dbf3fcc5bb4885e8a03915f47b152a93a07f66eb2e90f" }, { "id": "", "name": "1ec58003c6b7625935976bdfdf7d4a11228a57b32ce1eeece68a1ab48536bbc0" }, { "id": "", "name": "1915bb1784b164307af70a70e3264cfe3bc3c82c43e49da59c0c592d4d29af43" }, { "id": "", "name": "15ce500029cae11a5b07ed654faa371ef0bb0eb9add630a1e03c58606ea35eb9" }, { "id": "", "name": "1543723a1dcc8f5638cd43c5882f132b554c248b334473098fc49ae007e8ee4e" }, { "id": "", "name": "0c0534d036dcf5cc5152b2dcb03e837b5bf8c66481d283bd637373cd49b66f7f" }, { "id": "", "name": "062c25a86461f7f8d392e93bd97836773a889adbdbac9d2ce11e65860a4f2af2" }, { "id": "", "name": "00494102c3d9fd8ab40d8e7b3f8a1d4e30876257c18c45761922edf938970719" } ], "intrusion_sets": [ { "id": "2f2983e3-cec8-4cda-a9f4-a02370961e09", "name": "UNC530", "slug": "unc530" } ], "attack_patterns": [ { "id": "14ea0786-b57c-4a30-8e4e-46944d17eb18", "name": "T1036.004" }, { "id": "6c54bb5e-b90c-478e-b1fb-705daf1869b3", "name": "T1197" }, { "id": "1584b551-72fb-4f60-ba7a-bdac106e6f9b", "name": "T1560.001" }, { "id": "32b33067-6566-4b8d-be80-e96f765d84de", "name": "T1059.001" }, { "id": "9322d33b-00c1-4f99-9f1a-a33d93c0dac2", "name": "T1059.007" }, { "id": "c9ee9b30-ba84-4c24-95e9-e8242d42af3f", "name": "T1071.001" }, { "id": "6ccd4566-e15e-40cf-b7df-4a3f737ce5cd", "name": "T1036.005" }, { "id": "196f2a64-c55b-47a6-8e38-beb76ba700b6", "name": "T1204.002" }, { "id": "cbd87c8c-3bed-461a-acef-56ffc8b87571", "name": "T1105" }, { "id": "c12e0e03-aab0-4646-a929-e921a3d27f02", "name": "T1219" }, { "id": "0c836307-129e-4ff7-a532-180c633cacba", "name": "T1027" } ], "others": [ { "id": "", "name": "Ukraine" } ] }, "external_refs": [ "https://blog.strikeready.com/blog/armageddon-is-more-than-a-grammy-nominated-album/", "https://otx.alienvault.com/pulse/667bceea6851fd16532946b9" ] }