Skip to content
/ UAC-0099-Targeting_UA Public

UAC-0099 is a threat actor that targets Ukraine since mid-2022

3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

deepinstinct/UAC-0099-Targeting_UA

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
UAC0099_IOCs.csv
UAC0099_IOCs.csv
 
 
poc.zip
poc.zip
 
 

Repository files navigation

UAC-0099-Targeting_UA

UAC-0099 is a threat actor that targets Ukraine since mid-2022 More information in the blog at https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine

CVE-2023-38831 exploited during the campaing - POC

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023

CVE_POC.mp4

About

UAC-0099 is a threat actor that targets Ukraine since mid-2022

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published