UNC5174
Reports
3
First seen
Nov 1
Last seen
May 5
Motivation
espionage, financial
Targeting
Sectors
government ×1
Top ATT&CK techniques
T1190 Exploit Public-Facing Application ×3T1566 Phishing ×2T1486 Data Encrypted for Impact ×2T1570 Lateral Tool Transfer ×1T1070.001 Indicator Removal: Clear Windows Event Logs ×1T1003 OS Credential Dumping ×1T1053 Scheduled Task/Job ×1T1047 Windows Management Instrumentation ×1T1555 Credentials from Password Stores ×1T1598 Phishing for Information ×1T1021 Remote Services ×1T1505.003 Web Shell ×1
Indicators
filename ×39hash_sha256 ×31url ×13ip_v4 ×10domain ×9cve ×5
Indicator values are available on Pro and via the API.
Associated CVEs
Recent reports
Critical