UAC-0184: Targeted attacks on Ukrainian servicemen using the recruiting theme related to the 3rd Separate Special Purpose Brigade and the Israeli Defense Forces (IDF) [Thursday, January 11, 2024]

Description :
Trend Micro experts informed CERT-UA on 22.12.2023 about the discovery of suspicious files, most of which were related to the theme of war. Based on the information received, CERT-UA took measures to investigate a series of cyber attacks that, under the guise of recruiting for the 3rd Separate Special Purpose Brigade and the Israeli Defense Forces (IDF), target servicemen of the Armed Forces of Ukraine. It has been determined that, since no later than November 2023, unidentified individuals have been using Signal to distribute archives containing LNK files. Executing these files initiates an infection chain with the REMCOSRAT and REVERSESSH malware, which creates the technical conditions for malicious actors to gain unauthorized remote access to computers.

Published : 2024-01-11 22:35:38
Created : 2024-01-11 22:35:38
Modified : 2024-01-11 22:54:29

Indicators

IPv4s :
  • 194.87.31.181
  • 45.120.177.220
  • 46.249.49.148
  • 46.249.58.40
  • 194.87.31.229
Domains :
  • new-tech-savvy.com
  • funedunet.com
Malware :
  • ALF:Backdoor:Win32/Remcos
Hashes :
Location :
  • Ukraine
About the author
Julien B.
