| SYMBOL | COMMON_NAME | aka. SYNONYMS |
UAC-0184 is a threat actor targeting Ukrainian organizations in Finland, using the Remcos Remote Access Trojan in their attacks. They have been observed utilizing steganographic image files and the IDAT Loader to deliver the malware. The group has targeted the Armed Forces of Ukraine and impersonated military recruitment processes to infect systems with the Remcos RAT.
There are currently no families associated with this actor.
| 2024-02-26
⋅
Morphisec
⋅
Unveiling UAC-0184: The Steganography Saga of the IDAT Loader Delivering Remcos RAT to a Ukraine Entity in Finland SystemBC Babadeda DanaBot HijackLoader Remcos SystemBC UAC-0184 |
| 2024-01-06
⋅
⋅
Cert-UA
⋅
UAC-0184: Targeted attacks against Ukrainian military personnel using the topic of recruiting to the 3rd Infantry Brigade and the IDF (CERT-UA#8386) Remcos UAC-0184 |