Update ETAC_Vetted_UkraineRussiaWar_IOCs.csv

2022-03-08 23:57:59 +00:00 · 2022-03-08 23:57:59 +00:00 · d83b972234
--- a/ETAC_Vetted_UkraineRussiaWar_IOCs.csv
+++ b/ETAC_Vetted_UkraineRussiaWar_IOCs.csv
@ -2091,3 +2091,13 @@ MD5,d2a795af12e937eb8a89d470a96f15a5,"""core.dll"" Malicious DLL",hxxps://twitte
 MD5,fb418bb5bd3e592651d0a4f9ae668962,"""Windows Prefetch.lnk"" Malicious LNK",hxxps://twitter.com/h2jazi/status/1500607147989684224,
 Domain,xbeta.online,C2 server,hxxps://twitter.com/h2jazi/status/1500607147989684224,
 IPv4,185.175.158.27,C2 server,hxxps://twitter.com/cluster25_io/status/1499678960782823432,
+MD5,65237e705e842da0a891c222e57fe095,microbackdoor.dll (MicroBackdoor),hxxps://cert.gov.ua/article/37626,
+Hostname,id-unconfirmeduser[.]frge[.]io,FancyBear/APT28,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,hatdfg-rhgreh684[.]frge[.]io,FancyBear/APT28,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,ua-consumerpanel[.]frge[.]io,FancyBear/APT28,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,consumerspanel[.]frge[.]io,FancyBear/APT28,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,accounts[.]secure-ua[.]website,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,i[.]ua-passport[.]tope,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,login[.]creditals-email[.]space,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,post[.]mil-gov[.]space,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+Hostname,verify[.]rambler-profile[.]site,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,