SYMBOLCOMMON_NAMEaka. SYNONYMS
win.sunseed (Back to overview)

SunSeed

According to Proofpoint, this is a Lua-based malware likely used by a nation-state sponsored attacker used to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.

References
2022-03-24BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220324:threat:d1d2000, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts}}, date = {2022-03-24}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/03/threat-thursday-sunseed-malware}, language = {English}, urldate = {2022-04-15} } Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts
SunSeed
2022-03-01ProofpointMichael Raggi, Zydeca Cass, Proofpoint Threat Research Team
@online{raggi:20220301:asylum:27cfa43, author = {Michael Raggi and Zydeca Cass and Proofpoint Threat Research Team}, title = {{Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement}}, date = {2022-03-01}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/asylum-ambuscade-state-actor-uses-compromised-private-ukrainian-military-emails}, language = {English}, urldate = {2022-03-10} } Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
SunSeed

There is no Yara-Signature yet.