According to Proofpoint, this is a Lua-based malware likely used by a nation-state sponsored attacker used to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
|2022-03-24 ⋅ Blackberry ⋅ |
Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts
|2022-03-01 ⋅ Proofpoint ⋅ |
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
There is no Yara-Signature yet.