Archiving File names Military 
Security Affairs
APRIL 5, 2022
The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The messages use the HTML-file “War criminals of the Russian Federation.htm” as attachment.
Security Affairs
MARCH 28, 2022
The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” “The archive contains documents and images of the bait, as well as VBScript code (Thumbs.db), which will create and run the.NET program “dhdhk0k34.com.”
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
MARCH 28, 2019
The recently patched vulnerability affecting the popular archiver utility WinRAR has been exploited to deliver new malware to targeted users. The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially-crafted file archive. ” continues the analysis.
Security Affairs
JUNE 4, 2019
During recent times, Gamaredon is targeting the Ukrainian military and law enforcement sectors too, as officially stated by the CERT-UA. The infection chain is composed by different stages of password protected SFX (self extracting archive), each containing vbs or batch scripts. Information about initial SFX file.
Security Affairs
JUNE 15, 2023
The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. The attack chain commences with spear-phishing emails with malicious attachments (.docx,rar,sfx
Expert insights. Personalized for you.
347 
Let's personalize your content