Update ETAC_Vetted_UkraineRussiaWar_IOCs.csv

2022-03-14 14:11:44 +00:00 · 2022-03-14 14:11:44 +00:00 · e17aea590a
--- a/ETAC_Vetted_UkraineRussiaWar_IOCs.csv
+++ b/ETAC_Vetted_UkraineRussiaWar_IOCs.csv
@ -2101,3 +2101,28 @@ Hostname,i[.]ua-passport[.]tope,Ghostwriter/UNC1151,hxxps://blog.google/threat-a
 Hostname,login[.]creditals-email[.]space,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
 Hostname,post[.]mil-gov[.]space,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
 Hostname,verify[.]rambler-profile[.]site,Ghostwriter/UNC1151,hxxps://blog.google/threat-analysis-group/update-threat-landscape-ukraine,
+URL,hxxps://cdn.discordapp.com/attachments/947916997713358890/949948174636830761/one.exe,UAC-0056 group,hxxps://cert.gov.ua/article/37704,
+URL,hxxps://cdn.discordapp.com/attachments/947916997713358890/949948174838165524/dropper.exe,UAC-0056 group,hxxps://cert.gov.ua/article/37705,
+URL,hxxps://cdn.discordapp.com/attachments/947916997713358890/949978571680673802/cesdf.exe,UAC-0056 group,hxxps://cert.gov.ua/article/37706,
+IPv4,156.146.50.5,UAC-0056 group,hxxps://cert.gov.ua/article/37707,
+FileHash-MD5,15c525b74b7251cfa1f7c471975f3f95,(Go downloader) UAC-0056 group,hxxps://cert.gov.ua/article/37708,
+FileHash-MD5,2fdf9f3a25e039a41e743e19550d4040,(Discord downloader) UAC-0056 group,hxxps://cert.gov.ua/article/37709,
+FileHash-MD5,4f11abdb96be36e3806bada5b8b2b8f8,(GrimPlant) UAC-0056 group,hxxps://cert.gov.ua/article/37710,
+FileHash-MD5,9ad4a2dfd4cb49ef55f2acd320659b83,(Discord downloader) UAC-0056 group,hxxps://cert.gov.ua/article/37711,
+FileHash-MD5,9ea3aaaeb15a074cd617ee1dfdda2c26,(GraphSteel) UAC-0056 group,hxxps://cert.gov.ua/article/37712,
+FileHash-MD5,aa5e8268e741346c76ebfd1f27941a14,(Cobalt Strike Beacon) UAC-0056 group,hxxps://cert.gov.ua/article/37713,
+FileHash-MD5,b8b7a10dcc0dad157191620b5d4e5312,UAC-0056 group,hxxps://cert.gov.ua/article/37714,
+FileHash-MD5,c8bf238641621212901517570e96fae7,(Go downloader) UAC-0056 group,hxxps://cert.gov.ua/article/37715,
+FileHash-MD5,ca9290709843584aecbd6564fb978bd6,(bait document) UAC-0056 group,hxxps://cert.gov.ua/article/37716,
+FileHash-MD5,cf204319f7397a6a31ecf76c9531a549,(bait document) UAC-0056 group,hxxps://cert.gov.ua/article/37717,
+IPv4,45.84.0.116,UAC-0056 group,hxxps://cert.gov.ua/article/37718,
+URL,hxxp://45.84.0.116:443/c,UAC-0056 group,hxxps://cert.gov.ua/article/37719,
+URL,hxxp://45.84.0.116:443/i,UAC-0056 group,hxxps://cert.gov.ua/article/37720,
+URL,hxxp://45.84.0.116:443/m,UAC-0056 group,hxxps://cert.gov.ua/article/37721,
+URL,hxxp://45.84.0.116:443/p,UAC-0056 group,hxxps://cert.gov.ua/article/37722,
+URL,hxxps://forkscenter.fr/BitdefenderWindowsUpdatePackage.exe,UAC-0056 group,hxxps://cert.gov.ua/article/37723,
+URL,hxxps://forkscenter.fr/Sdghrt_umrj6/wisw.exe,UAC-0056 group,hxxps://cert.gov.ua/article/37724,
+URL,hxxps://nirsoft.me/nEDFzTtoCbUfp9BtSZlaq6ql8v6yYb/avp/amznussraps/,UAC-0056 group,hxxps://cert.gov.ua/article/37725,
+URL,hxxps://nirsoft.me/s/2MYmbwpSJLZRAtXRgNTAUjJSH6SSoicLPIrQl/field-keywords/,UAC-0056 group,hxxps://cert.gov.ua/article/37726,
+domain,forkscenter.fr,UAC-0056 group,hxxps://cert.gov.ua/article/37727,
+domain,nirsoft.me,UAC-0056 group,hxxps://cert.gov.ua/article/37728,