
Threat Intelligence

Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

Context

civildefense[.]com[.]ua: UNC5812 landing page
t[.]me/civildefense_com_ua: UNC5812 Telegram channel
t[.]me/UAcivildefenseUA: UNC5812 Telegram account
e98ee33466a270edc47fdd9faf67d82e: SUNSPINNER decoy
h315225216.nichost[.]ru: Resolver used in SUNSPINNER decoy
fu-laravel.onrender[.]com: Hostname used in SUNSPINNER decoy
206.71.149[.]194: C2 used to resolve distribution URLs
185.169.107[.]44: Open directory used for malware distribution
d36d303d2954cb4309d34c613747ce58: Pronsis Loader dropper
b3cf993d918c2c61c7138b4b8a98b6bf: PURESTEALER
31cdae71f21e1fad7581b5f305a9d185: CRAXSRAT
aab597cdc5bc02f6c9d0d36ddeb7e624: CRAXSRAT w/ SUNSPINNER decoy













Published: 2024-10-28T14:00:00










