The attack follows a multi-stage execution pattern to evade detection:
"UralMountainsSamples.rar" is a malicious archive associated with , a Russian-aligned threat actor group known for cyber-espionage targeting Ukrainian government agencies. 🛡️ Threat Profile Target: Ukrainian state bodies and defense entities.
The malware captures keystrokes, takes screenshots, and sends system data to a Command & Control (C2) server. 🔍 Technical Indicators (IOCs)
While specific hashes change, these characteristics are common in this campaign:
Typically sent via spear-phishing emails disguised as official judicial or military inquiries.
The attack follows a multi-stage execution pattern to evade detection:
"UralMountainsSamples.rar" is a malicious archive associated with , a Russian-aligned threat actor group known for cyber-espionage targeting Ukrainian government agencies. 🛡️ Threat Profile Target: Ukrainian state bodies and defense entities.
The malware captures keystrokes, takes screenshots, and sends system data to a Command & Control (C2) server. 🔍 Technical Indicators (IOCs)
While specific hashes change, these characteristics are common in this campaign:
Typically sent via spear-phishing emails disguised as official judicial or military inquiries.