Armageddon is more than a Grammy-nominated album
released on 2024-06-26 @ 08:18:50 AM
This report details a Russia-linked threat actor targeting Ukraine, employing various obfuscation techniques. The malicious activity involves dropping a compressed file disguised as a RAR archive, which fetches a remote image likely for tracking execution. The payload employs mshta.exe to execute remote content and leverages LNK files with crafted filenames. The techniques suggest an effort to evade detection and hamper analysis.