SYMBOLCOMMON_NAMEaka. SYNONYMS
win.sunseed (Back to overview)

SunSeed

According to Proofpoint, this is a Lua-based malware likely used by a nation-state sponsored attacker used to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.

References
2022-03-24BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: SunSeed Malware Targets Ukraine Refugee Aid Efforts
SunSeed
2022-03-01ProofpointMichael Raggi, Proofpoint Threat Research Team, Zydeca Cass
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
SunSeed

There is no Yara-Signature yet.