[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAc-R9dFlDXSpeJqahON7JYew84h96uaLunGv9x_5hqY":3,"$fD2SlpEj3CgzFWboolwcAXWpmPjiZ4wFGto53HbqP4vA":34},[4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33],"BlackMatter","Buhtrap","Chubaka Downloader","CloudEyE","Cobalt Strike","Coinminer","DarkComet","DarkWatchman","Darktrack","FormBookFormgrabber","Hupigon","Lockbit","META Stealer","Metasploit","Meterpreter","More_Eggs","NetWire","Ozone RAT","QuasarRat","RedLine Stealer","Remcos","Revenge-RAT","Rhadamanthys Stealer","ShadowPad","SombRAT","Tinba","Unicorn","WhiteSnake","XMRig","njRAT",{"count":35,"reports":36},83,[37,48,64,74,94,104,117,133,148,162,176,191,205,215,228,242,264,274,284,293,310,326,340,349,363,372,380,401,413,421,429,437,452,468,481,490,498,510,518,526,538,549,560,568,576,584,595,607,615,623,631,644,656,665,685,693,706,714,731,743,756,765,773,782,795,805,813,821,832,844,855,868,883,896,907,921,932,947,955,963,971,979,986],{"commit":38,"description":39,"filename":40,"fqri":41,"hide":42,"id":43,"sha1":44,"threat_attribution":45,"title":46,"attribution":47},"8f237adb1b6ed3a403f5cbe78ff94a657e393156","SiribClone - группировка, обнаруженная в феврале 2026 года и активная минимум с июля 2025 года.","________ __ _____.docx.lnk.zip","1a2ff5a90fb4f76b5e157359fa5f254436f76522_ind1779814643_0_01c88909_360_8888_configsremotejson_mitmproxy_ru_startautorun_w10_x64",false,"JSCRUnwFaw3vIk6frzf5k2g6F","1a2ff5a90fb4f76b5e157359fa5f254436f76522",{},"Новая группа SiribClone атакует российских военных",[],{"commit":49,"description":50,"filename":51,"fqri":52,"hide":42,"id":53,"sha1":54,"threat_attribution":55,"title":60,"attribution":61},"a2e3c59e19948765b7658b6814aa83026cac2e43","Анализ бэкдора BrockenDoor","Акт контрольного (надзорного) мероприятия.rar","ff69a85b858ca73d9c4018a0d9a306c0c7b79c69_ind1778829220_0_300_744936f2_778888_client27c8435b875d484cb7b36c8e9c03875c_configsremotejson_ru_w10_x64","fS9TThldqrFHL0L8a9oHV9CIu","ff69a85b858ca73d9c4018a0d9a306c0c7b79c69",{"threatactor":56},[57],{"ti_threatactor_id":58,"ti_threatactor_name":59},"3a881f86bf97f1d378f0b1891cf2c13865810504","BO Team","\"Коллаборация\" BO Team и Роскомнадзора",[62],{"type":63,"name":59,"id":58},"threatactor",{"commit":65,"description":66,"filename":67,"fqri":68,"hide":42,"id":69,"sha1":70,"threat_attribution":71,"title":72,"attribution":73},"4d6f9b80db3f66fcdf611a7c4564e7d2f480edf3","Обнаружение эксплойта Copy Fail в песочнице Linux","copy_fail_exp.py","83194d178f4b9c6fcdfaed0ea4ae3ec2ca3db6f4_ind1778617467_0_120_8888_a567d09b_configsremotejson_en_ubuntu24_x64","RkG3TfXomdlEMB8BJT4tLTLKD","83194d178f4b9c6fcdfaed0ea4ae3ec2ca3db6f4",{},"Copy Fail в Sandbox Linux",[],{"commit":75,"description":76,"filename":77,"fqri":78,"hide":42,"id":79,"sha1":80,"threat_attribution":81,"title":89,"attribution":90},"0fc1a85cae1323c7ecb6a3a77668e5cae9d2668f","Специалисты F6 Threat Intelligence продолжают отслеживать рассылки против бухгалтеров, проводимые группой Hive0117","Задолженность по оплате.7z","a6c028f871676cbb41d099771f3b7d5168b52f1d_ind1776701319_0_1800_8888_configsremotejson_fc8ac7c9_ru_startautorun_w10_x64","3CEkYylnmFrPLBOfMsC9X1uwS","a6c028f871676cbb41d099771f3b7d5168b52f1d",{"malware":82,"threatactor":85},[83],{"ti_malware_id":84,"ti_malware_name":11},"05c6dc30b3b52bb439d7bf25b850a38fa937fa05",[86],{"ti_threatactor_id":87,"ti_threatactor_name":88},"5cbc421f1eae7dcac46c8c55ebdbd488e25b63cb","Hive0117","Все новое – это позабытое старое",[91,93],{"type":92,"name":11,"id":84},"malware",{"type":63,"name":88,"id":87},{"commit":95,"description":96,"filename":97,"fqri":98,"hide":42,"id":99,"sha1":100,"threat_attribution":101,"title":102,"attribution":103},"6903027f2d70b71534f3c6d4c24afbcc5d80d100","Новые инструменты и тактики PhantomCore в атаках на российские компании","KNDR (1).zip","03f426e4d9928ae5a2236aea8604e208039d4f25_ind1775723723_0_600_6255425f_8888_configsremotejson_en_w11_x64","BGv094dveaK6lAtae3MlozLGa","03f426e4d9928ae5a2236aea8604e208039d4f25",{},"Ждите гостей",[],{"commit":95,"description":105,"filename":106,"fqri":107,"hide":42,"id":108,"sha1":109,"threat_attribution":110,"title":114,"attribution":115},"Unicorn обновилась в преддверии дня дурака смеха","ИСХ № 117_26  от 30.03.2026.zip","d6473a77710f44eea27d3a614494fd70dd5dae57_ind1775826575_0_600_8888_bc7bbb07_configsremotejson_ru_w11_x64","bO5Ai5IQUo2GgDVERO0Wmvc13","d6473a77710f44eea27d3a614494fd70dd5dae57",{"malware":111},[112],{"ti_malware_id":113,"ti_malware_name":30},"c9aeb14df71bd9829f799e2639ecf671becf099e","Не1апрельская шутка.",[116],{"type":92,"name":30,"id":113},{"commit":95,"description":118,"filename":119,"fqri":120,"hide":42,"id":121,"sha1":122,"threat_attribution":123,"title":129,"attribution":130},"Анализ бэкдора ShadowPad","run.7z","9ba54dd0cb396c6288bd787a9fbd404b0c186027_manual1775577791","lfQnIf7J3fXCC68Y4iau75Kl7","9ba54dd0cb396c6288bd787a9fbd404b0c186027",{"malware":124},[125,127],{"ti_malware_id":126,"ti_malware_name":28},"422fe53dc3ddb829a56488eff6b5d012a9c06469",{"ti_malware_id":128,"ti_malware_name":27},"26f338d3d5b2fd431dcce975691468019fa97abe","Восточный почерк",[131,132],{"type":92,"name":28,"id":126},{"type":92,"name":27,"id":128},{"commit":95,"description":134,"filename":135,"fqri":136,"hide":42,"id":137,"sha1":138,"threat_attribution":139,"title":144,"attribution":145},"Группа Hive0117 взламывает компьютеры бухгалтеров и похищает деньги под видом зарплаты","Акт сверки Январь.rar","14d9ec8e1afd9d75e02dc30f217d3cc24d02c1af_ind1774967747_0_600_7b2dabf9_8888_configsremotejson_en_w10_x64","KJtWPHCp7h5UjKmCNPaumxqkj","14d9ec8e1afd9d75e02dc30f217d3cc24d02c1af",{"malware":140,"threatactor":142},[141],{"ti_malware_id":84,"ti_malware_name":11},[143],{"ti_threatactor_id":87,"ti_threatactor_name":88},"Письмо на миллион",[146,147],{"type":92,"name":11,"id":84},{"type":63,"name":88,"id":87},{"commit":149,"description":150,"filename":151,"fqri":152,"hide":42,"id":153,"sha1":154,"threat_attribution":155,"title":159,"attribution":160},"1440bc0b09b51b35425d91fe0cdd938e92ffc05f","Атака группировки PseudoSticky с использованием RemcosRat","Telegram.7z","536df8a457be0997833369ad805e3648f666537f_ind1770892918_0_2de59879_300_8888_configsremotejson_ru_w11_x64","70dKO7sqVpXFzoOEShbS34G1o","536df8a457be0997833369ad805e3648f666537f",{"malware":156},[157],{"ti_malware_id":158,"ti_malware_name":24},"c9802b939863b44f4fbfb1533bdaea5884ec4952","Липкий след",[161],{"type":92,"name":24,"id":158},{"commit":163,"description":164,"filename":165,"fqri":166,"hide":42,"id":167,"sha1":168,"threat_attribution":169,"title":173,"attribution":174},"0d2277d97e3eeb288fbcb4b6c5f2adb76a888d3c","F6 проанализировала активность «Команды Legion» и её связь с кибергруппой NyashTeam","lc.exe.zip","f45aea3a86b70891869d73f78a5772a2ea42df2c_ind1770097666_0_180_3aa0b1fc_8888_configsremotejson_ru_w10_x64","hKV4O9MQsIDx1vYbS7vQsk8Zz","f45aea3a86b70891869d73f78a5772a2ea42df2c",{"malware":170},[171],{"ti_malware_id":172,"ti_malware_name":33},"7507a41f93f9a6a4018991d7810f91e3265ed818","Иллюзия разбоя",[175],{"type":92,"name":33,"id":172},{"commit":177,"description":178,"filename":179,"fqri":180,"hide":42,"id":181,"sha1":182,"threat_attribution":183,"title":188,"attribution":189},"6a56f48a787da9604275d290daf394228973f2d6","Рассылка загрузчика XDSpy.DSDownloader группой XDSpy","dogovor_91284317.rar","cc0e788c0115ea4e324300f654079eedf0b86c78_ind1769206262_0_300_778881_configsremotejson_d59900f4_en_w10_x64","b6e7coxIQKTkdgjMikwj2SgBb","cc0e788c0115ea4e324300f654079eedf0b86c78",{"threatactor":184},[185],{"ti_threatactor_id":186,"ti_threatactor_name":187},"c96a373690fda54bc5b44544a79bd64e103da7de","XDSpy","Шпионы не дремлют",[190],{"type":63,"name":187,"id":186},{"commit":177,"description":192,"filename":193,"fqri":194,"hide":42,"id":195,"sha1":196,"threat_attribution":197,"title":202,"attribution":203},"Шпионы PhantomCore провели новые атаки на российские компании","tz-na-soglasovanie-sb-54-ot-19.01.26.zip","8c6f238a7f94b510ba803506e8d128fa28dd89ca_ind1768899048_0_15484d8c_300_8888_configsremotejson_ru_w11_x64","iHdbtcMP4trVNDEQzX43oU14Y","8c6f238a7f94b510ba803506e8d128fa28dd89ca",{"threatactor":198},[199],{"ti_threatactor_id":200,"ti_threatactor_name":201},"c36743776d28424dbf78049dcd90f29625f1a458","PhantomCore","Беспокойный дух",[204],{"type":63,"name":201,"id":200},{"commit":206,"description":207,"filename":208,"fqri":209,"hide":42,"id":210,"sha1":211,"threat_attribution":212,"title":213,"attribution":214},"d8b844b6f980de3efe4ca5ed38914ba782389648","Применение ВПО WarpRAT и эксплуатация уязвимости CVE‑2025‑8088 при атаках на государственные структуры и финансовые организации","Вх.письмо_Мипромторг.rar","c58ef107ab1081cc369796413f8893b52c34d084_ind1766996187_0_600_76e4d344_8888_configsremotejson_ru_w11_x64","LpLOQJoKnDwt3Dcd83DOwoTPe","c58ef107ab1081cc369796413f8893b52c34d084",{},"Аналитики F6 проанализировали кампании GOFFEE в 2025 года",[],{"commit":206,"description":216,"filename":217,"fqri":218,"hide":42,"id":219,"sha1":220,"threat_attribution":221,"title":225,"attribution":226},"Злоумышленики используют уязвимость в Kafka для установки майнеров.\r\nАнализ в Linux песочнице майнера","systemd-node-red","aa9fe72d80949030ded327c2e0ebe55e4dc10048_ind1766605673_0_600_8888_a6e7d30e_astrace_linux_ru_x64","YwYTEOCzvahDyBaSw5uI5i4xG","aa9fe72d80949030ded327c2e0ebe55e4dc10048",{"malware":222},[223],{"ti_malware_id":224,"ti_malware_name":9},"f6059887cb59aae967d7a82bb6e59c2df91e16bc","Майнер в поде",[227],{"type":92,"name":9,"id":224},{"commit":229,"description":230,"filename":231,"fqri":232,"hide":42,"id":233,"sha1":234,"threat_attribution":235,"title":239,"attribution":240},"05da5398e6a1aa0bfbcf70d89401de4737f3fb5e","F6 выявила новую активность по распространению ВПО через сайты-приманки для бухгалтеров и юристов","2025_12_09_10_18_33.zip.zip","378e6794b49643174ddec67606f63509cc8d3f55_ind1765277979_0_32f3c391_600_8888_configsremotejson_ru_w10_x64","EufBuwvKJcT7T2igNlvNRTyTP","378e6794b49643174ddec67606f63509cc8d3f55",{"malware":236},[237],{"ti_malware_id":238,"ti_malware_name":5},"63551b065ca4b2427786c6f1b273e49c5f2a6b57","Buhtrap снова в деле",[241],{"type":92,"name":5,"id":238},{"commit":229,"description":243,"filename":244,"fqri":245,"hide":42,"id":246,"sha1":247,"threat_attribution":248,"title":258,"attribution":259},"Аналитики F6 изучили атаку с использование PureCrypter и DarkTrack RAT","Изделие-44 ДСП.hta","65442d77207892d7668e0899a32a3cae2285b3ab_ind1764752392_0_120_8888_configsremotejson_d6a8e2df_en_w10_x64","Gxxb1ppJrarMGTMSurX6YI3V9","65442d77207892d7668e0899a32a3cae2285b3ab",{"malware":249},[250,252,254,256],{"ti_malware_id":251,"ti_malware_name":14},"aabdf13168c19fc72cbde6c6a4e5686b83ff4a9f",{"ti_malware_id":253,"ti_malware_name":10},"06a3234e8f5401024caca301cff7def5f948f43a",{"ti_malware_id":255,"ti_malware_name":12},"9a91825f2d160e969194527f6b08da25c0e7e07b",{"ti_malware_id":257,"ti_malware_name":21},"985e96682906203e03ebd4c0c99adbf630f6b82b","Подчерк LLM",[260,261,262,263],{"type":92,"name":14,"id":251},{"type":92,"name":10,"id":253},{"type":92,"name":12,"id":255},{"type":92,"name":21,"id":257},{"commit":265,"description":266,"filename":267,"fqri":268,"hide":42,"id":269,"sha1":270,"threat_attribution":271,"title":272,"attribution":273},"2c4633d40e84160c9204fa59f11e818b0d655ac4","F6 изучила атаки злоумышленника в августе-ноябре 2025 года","pdf_doc_1c_buh04866266dwde5f6rfvrregfe5fef.rar","8ff581830f0ed9f4690fb083543bc3831ec24e04_ind1754648621_0_300_8888_cliented799d54b5bc45a79a6796ab5707d876_configsremotejson_d34aef63_ru_w10_x64","NWe64exGNhxC8PZyVRn7xiFug","8ff581830f0ed9f4690fb083543bc3831ec24e04",{},"Неугомонный VasyGrek",[],{"commit":275,"description":276,"filename":277,"fqri":278,"hide":42,"id":279,"sha1":280,"threat_attribution":281,"title":282,"attribution":283},"aedaf8d06beb42c5df7afd1d0ff37e5866e86b6b","Аналитики Центра кибербезопасности и Threat Intelligence компании F6 обнаружили новую кампанию вредоносных рассылок.","instruktsiia_minnaia_ugroza_vsu_10.11.2025.pdf.zip","35761dba3553dad4a8a87556e473e8e96f2c636a_ind1762936507_0_471031a1_600_8888_configsremotejson_ru_w11_x64","9y6HGRTwgjFa01U3AtF4eth9P","35761dba3553dad4a8a87556e473e8e96f2c636a",{},"F6 зафиксировала вредоносные рассылки кибергруппы CapFIX",[],{"commit":275,"description":285,"filename":286,"fqri":287,"hide":42,"id":288,"sha1":289,"threat_attribution":290,"title":291,"attribution":292},"Разбор нового инструмента PulsarRAT в песочнице","Субъектам ТЭК_О проведении мероприятий.7z","922cba5d193eb9b20795d8e737464f7f986ba67e_ind1762420458_0_600_709136ac_8888_configsremotejson_ru_w11_x64","Uuk0KH8dxwjd30FjY1EqPeaXX","922cba5d193eb9b20795d8e737464f7f986ba67e",{},"Sticky Werewolf вернулся с новым трояном",[],{"commit":294,"description":295,"filename":296,"fqri":297,"hide":42,"id":298,"sha1":299,"threat_attribution":300,"title":306,"attribution":307},"b0d086d4c335576716e8edd9e3cc9edfbdec43f6","Группа Unicorn дополняет свой самописный стилер возможностями трояна удаленного доступа.","iskh-no.-582op-34-ot-15.10.2025.zip","f807369601c05ef3cff5be20afb1f5b6efbb8128_ind1760535586_0_360_58cfb4c7_8888_configsremotejson_en_startautorun_w10_x64","3EzSCSvCusHvMItXzt5BxkATm","f807369601c05ef3cff5be20afb1f5b6efbb8128",{"malware":301,"threatactor":303},[302],{"ti_malware_id":113,"ti_malware_name":30},[304],{"ti_threatactor_id":305,"ti_threatactor_name":30},"c04888dcb0aeb3a9fb64735c366d3fcba247df66","Рассылка группы Unicorn",[308,309],{"type":92,"name":30,"id":113},{"type":63,"name":30,"id":305},{"commit":311,"description":312,"filename":313,"fqri":314,"hide":42,"id":315,"sha1":316,"threat_attribution":317,"title":322,"attribution":323},"5c40371655a5d9e014df6be30f1bc6a3f116ba2f","Аналитики Центра кибербезопасности F6 обнаружили новую волну вредоносных рассылок от группы Hive0117.","Исполнительный лист №562817043-25.zip","45ca462e56c4c9e83adc7ba3cf4957a50604db34_ind1758718140_0_4672b2b1_600_8888_configsremotejson_ru_w10_x64","BqtpGkADM4tlOUgCcvFmiPA6H","45ca462e56c4c9e83adc7ba3cf4957a50604db34",{"malware":318,"threatactor":320},[319],{"ti_malware_id":84,"ti_malware_name":11},[321],{"ti_threatactor_id":87,"ti_threatactor_name":88},"Новая активность трояна DarkWatchman RAT",[324,325],{"type":92,"name":11,"id":84},{"type":63,"name":88,"id":87},{"commit":327,"description":328,"filename":329,"fqri":330,"hide":42,"id":331,"sha1":332,"threat_attribution":333,"title":337,"attribution":338},"bc52c921c28cd40a2c2aead65f5d7585e57f6836","ComicForm, начало: аналитики F6 изучили фишинговые кампании нового атакующего","akt_sverki-pdf-010.rar.zip","04e4ac74c6746b0822084945d1a7dc65f2806986_ind1758035494_0_600_8888_configsremotejson_fc4bd183_ru_w10_x64","tSJWADeHWPxoV5y0PgnUviFJN","04e4ac74c6746b0822084945d1a7dc65f2806986",{"malware":334},[335],{"ti_malware_id":336,"ti_malware_name":13},"8eee3e23fc03c10c1d3527bea862fc18541db8b4","",[339],{"type":92,"name":13,"id":336},{"commit":341,"description":342,"filename":343,"fqri":344,"hide":42,"id":345,"sha1":346,"threat_attribution":347,"title":337,"attribution":348},"026dfe0aeeeb1950040bb7379376dfb4df3c0f68","Папа не смог: эксперты F6 исследовали вредоносные рассылки с новым Phantom","Прикрепленная копия платежа №06162025.exe","3a200cb07d4a32a7f956e83dcb694594617c3c76_ind1750694868_0_600_8888_af4528e1_configsremotejson_ru_w10_x64","hL21qodCKSROFTLyAYD4ksGks","3a200cb07d4a32a7f956e83dcb694594617c3c76",{},[],{"commit":265,"description":350,"filename":351,"fqri":352,"hide":42,"id":353,"sha1":354,"threat_attribution":355,"title":337,"attribution":360},"Анализ письма с Buhtrap от сервиса ЭДО","202508060650_exe","9119ff642def800e02141e61d64bea57232f0c24_ind1754580833_0_600_8888_9edea3d2_configsremotejson_en_w10_x64","tSUMvOmq0JFPu6tlRKZizgydJ","9119ff642def800e02141e61d64bea57232f0c24",{"malware":356,"threatactor":358},[357],{"ti_malware_id":238,"ti_malware_name":5},[359],{"ti_threatactor_id":238,"ti_threatactor_name":5},[361,362],{"type":92,"name":5,"id":238},{"type":63,"name":5,"id":238},{"commit":364,"description":365,"filename":366,"fqri":367,"hide":42,"id":368,"sha1":369,"threat_attribution":370,"title":337,"attribution":371},"de82e07879b39a00a6b449b4b4881f04367ef896","Фишинговая рассылка c Pay2Key Ransomware","NexCall коммерческое предложение для рынка МФО России.exe.zip","ff718cc5b0cf7c09e676e2b43af1796bf405b6bd_ind1744188817_0_600_64a3acba_8888_configsremotejson_ru_w10_x64","zynKyL3OcxmvczH4SJ8684wld","ff718cc5b0cf7c09e676e2b43af1796bf405b6bd",{},[],{"commit":341,"description":373,"filename":374,"fqri":375,"hide":42,"id":376,"sha1":377,"threat_attribution":378,"title":337,"attribution":379},"PhantomCore проводит рассылки с использованием нового бэкдора PhantomCore.PollDL","dogovor_rn83_izmeneniia.zip","6942e07e7d08781cba571211a08e779838e72e9a_ind1750873651_0_204544fc_600_8888_clientab49f7e5d774401fbfae0921152d2bd4_configsremotejson_ru_w10_x64","Efe5azA9jmmRIbFdgmVLOexdH","6942e07e7d08781cba571211a08e779838e72e9a",{},[],{"commit":381,"description":382,"filename":383,"fqri":384,"hide":42,"id":385,"sha1":386,"threat_attribution":387,"title":337,"attribution":397},"8ce9bc6bb19419090dc229c18e168e9e4d896b9d","Вымогатели подали претензию: F6 обнаружила новые атаки группы Werewolves","рекламация.rar","caed70396cb9e8cf1609f3e61253404a197ccee0_manual1750786681","SlPSwMLH7IGFoXpRjckRrYcVM","caed70396cb9e8cf1609f3e61253404a197ccee0",{"malware":388,"threatactor":393},[389,391],{"ti_malware_id":390,"ti_malware_name":8},"b69fc9d439d2fd41e98a7e3c60b9a55340012eb6",{"ti_malware_id":392,"ti_malware_name":17},"b1f78070468446e1b261d0d6332aa92b9e44345c",[394],{"ti_threatactor_id":395,"ti_threatactor_name":396},"c509eac2111b5bd8b67314feb259572255c6f6cc","Cobalt",[398,399,400],{"type":92,"name":8,"id":390},{"type":92,"name":17,"id":392},{"type":63,"name":396,"id":395},{"commit":402,"description":403,"filename":404,"fqri":405,"hide":42,"id":406,"sha1":407,"threat_attribution":408,"title":337,"attribution":411},"c6212c846c6e95fc013ab95065fc2982e4f963ce","Майнеры на книжной полке: ЦК F6 зафиксировал распространение вредоносных программ через бесплатные онлайн-библиотеки","Скачать -Игрок- в формате a4.pdf.zip","405e66564dff62a00607cd4185553fb5de24f724_manual1750780599","WBsJ4rPufVUjT0M622r08P3yR","405e66564dff62a00607cd4185553fb5de24f724",{"malware":409},[410],{"ti_malware_id":224,"ti_malware_name":9},[412],{"type":92,"name":9,"id":224},{"commit":341,"description":414,"filename":415,"fqri":416,"hide":42,"id":417,"sha1":418,"threat_attribution":419,"title":337,"attribution":420},"Работа Mirai вредоноса в Linux","0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108.elf","464cdbf7b6a7b199ec65f2d454a7f7634ba05e64_ind1750670225_0_0b3b6d23_120_8888_astrace_linux_x64","yFn8JaRTGAjH1hcWvWYPIc87Z","464cdbf7b6a7b199ec65f2d454a7f7634ba05e64",{},[],{"commit":341,"description":422,"filename":423,"fqri":424,"hide":42,"id":425,"sha1":426,"threat_attribution":427,"title":337,"attribution":428},"Работа DinodasRAT в Linux sandbox F6","3d93b8954ed1441516302681674f4989bd0f20232ac2b211f4b601af0fcfc13b.elf","b769731b6e5983dd07fc19ca4b531c70b16479fd_ind1750669905_0_120_3d93b895_8888_astrace_fakenet_linux_x64","VQNvWC5ejMkP1rhVcf4cm4vxT","b769731b6e5983dd07fc19ca4b531c70b16479fd",{},[],{"commit":341,"description":430,"filename":431,"fqri":432,"hide":42,"id":433,"sha1":434,"threat_attribution":435,"title":337,"attribution":436},"Работа Babuk в песочнице F6","dd5f751faed9a681dc66611ed67efb0f651837e80a0b7492051e1674d418b08c.elf","a0d6da3f81f317e25d3cadbf4b24164c6120f52d_ind1750669739_0_120_8888_astrace_dd5f751f_linux_x64","T6SfiDh9ITFqH5STgkPZrZPSq","a0d6da3f81f317e25d3cadbf4b24164c6120f52d",{},[],{"commit":381,"description":438,"filename":439,"fqri":440,"hide":42,"id":441,"sha1":442,"threat_attribution":443,"title":337,"attribution":449},"Работа шифровальщика Lockbit в песочнице F6","lockbit_sample.exe","93210eb87531b055007a716b60839a2477523886_ind1749989419_0_120_8888_888f1ef0_configsremotejson_en_w10_x64","sIDtRzsVff19GM6uUo6M1OHuV","93210eb87531b055007a716b60839a2477523886",{"malware":444},[445,447],{"ti_malware_id":446,"ti_malware_name":4},"5ca77888df1c79d47aeaab5788a63fdaa7472522",{"ti_malware_id":448,"ti_malware_name":15},"01b0e643235e668704b92833a23224e4c64434e4",[450,451],{"type":92,"name":4,"id":446},{"type":92,"name":15,"id":448},{"commit":453,"description":454,"filename":455,"fqri":456,"hide":42,"id":457,"sha1":458,"threat_attribution":459,"title":337,"attribution":465},"06d233dd45724f134591705d0705a71d9d81866d","Отпечатки прошлого: F6 исследовала новые и ранее неизвестные активности группы PhantomCore","Документы_на_рассмотрение.zip","293bd87a7b909b13cad58833366adb2711cbcdcd_ind1746436687_0_278f0518_600_8888_configsremotejson_ru_w10_x64","mnPY49R9ahc03e3e9MeHUiRTM","293bd87a7b909b13cad58833366adb2711cbcdcd",{"malware":460,"threatactor":463},[461],{"ti_malware_id":462,"ti_malware_name":29},"5009c90103ff95e25b0f30b09c942eefa20e25fc",[464],{"ti_threatactor_id":200,"ti_threatactor_name":201},[466,467],{"type":92,"name":29,"id":462},{"type":63,"name":201,"id":200},{"commit":469,"description":470,"filename":471,"fqri":472,"hide":42,"id":473,"sha1":474,"threat_attribution":475,"title":337,"attribution":479},"958847aa91344f111aafe9e289a5089352deae57","Sticky Werewolf рассылает Quasar RAT от лица Минобрнауки России","iskhodiashchii-ot-26.05.2025.7z","cfc144c468d4c47097fd35398f1e0448dd01a1b1_ind1748332827_0_300_8888_c0eea56e_configsremotejson_en_w11_x64","wzyMyZHG3Zea3r2VZW6xR2RQ1","cfc144c468d4c47097fd35398f1e0448dd01a1b1",{"malware":476},[477],{"ti_malware_id":478,"ti_malware_name":22},"6303ccd74f9a005160d7424a233d1507a018053c",[480],{"type":92,"name":22,"id":478},{"commit":482,"description":483,"filename":484,"fqri":485,"hide":42,"id":486,"sha1":487,"threat_attribution":488,"title":337,"attribution":489},"6064fbe8d1ec9bb235453fe6f9743a3ad070753c","Unicorn: таргетированная e-mail-кампания против ритейла, промышленности, строительства и ЖКХ","Пакет документов от 19 06.rar","53d42b5a23435d86ec40669b7b153e8711143c23_ind1748078385_0_360_8888_bb8f5140_configsremotejson_en_startautorun_w10_x64","qgZudNzEiHf1gBppQtCOeLLB9","53d42b5a23435d86ec40669b7b153e8711143c23",{},[],{"commit":482,"description":491,"filename":492,"fqri":493,"hide":42,"id":494,"sha1":495,"threat_attribution":496,"title":337,"attribution":497},"Согласовать, открыть, заразиться: кейс фишинга от Room155","1.zip","dfe3c56acbcb54a2c545a7c7215b875bee507e50_ind1747736444_0_600_8888_bdb412d8_configsremotejson_ru_w10_x64","x1ZoIsVwZ80gNLiVUBp0kqi5b","dfe3c56acbcb54a2c545a7c7215b875bee507e50",{},[],{"commit":453,"description":499,"filename":500,"fqri":501,"hide":42,"id":502,"sha1":503,"threat_attribution":504,"title":337,"attribution":508},"Возвращение StrongBaba: майская кампания с ChuBaka Downloader в защищённых архивах","Акт Сверки (Пароль 05052025).zip","9a755846436dc0aaedeb5c62417b95694e22f23d_ind1746541984_0_3c6aeb49_600_8888_configsremotejson_ru_w10_x64","5I49YfCXrtPGpNHM7u5LrJfKm","9a755846436dc0aaedeb5c62417b95694e22f23d",{"malware":505},[506],{"ti_malware_id":507,"ti_malware_name":6},"94bde2f823dd773143d21f44f535ad03664a3915",[509],{"type":92,"name":6,"id":507},{"commit":364,"description":511,"filename":512,"fqri":513,"hide":42,"id":514,"sha1":515,"threat_attribution":516,"title":337,"attribution":517},"Работа очень быстрого вайпера в IT инфраструктуре","3373f4c.msi","34a1423319e394b1bec5932cfcf09e4033b4994a_ind1743056678_0_600_7a00f521_8888_configsremotejson_ru_w11_x64","LV0siC4zDAXzEvjur3DU4mSC6","34a1423319e394b1bec5932cfcf09e4033b4994a",{},[],{"commit":453,"description":519,"filename":520,"fqri":521,"hide":42,"id":522,"sha1":523,"threat_attribution":524,"title":337,"attribution":525},"Вредоносная активность группы Core Werewolf с использованием UltraVNC","Списки_на_нагр.7z","7d3abecf82dea7df2aaa581a01719190506fff82_ind1746275054_0_300_5b87d957_8888_configsremotejson_ru_w11_x64","Mh2soN0D4dhe9NCkYPvJOWODm","7d3abecf82dea7df2aaa581a01719190506fff82",{},[],{"commit":453,"description":527,"filename":528,"fqri":529,"hide":42,"id":530,"sha1":531,"threat_attribution":532,"title":337,"attribution":536},"Unicorn и их резюме инженера как приманка для загрузки ВПО","moe-reziume-inzhenera-2025.zip","297da6c1ad6bfb9138abc0fa77b187d940aa518e_ind1746035785_0_600_8888_90e9ac37_configsremotejson_ru_w10_x64","PNKvN6mcg1doMz3vFnpLpF8FI","297da6c1ad6bfb9138abc0fa77b187d940aa518e",{"malware":533},[534],{"ti_malware_id":535,"ti_malware_name":19},"eeaa1e79e642559e2910815a324e9eb3e3a4f280",[537],{"type":92,"name":19,"id":535},{"commit":453,"description":539,"filename":540,"fqri":541,"hide":42,"id":542,"sha1":543,"threat_attribution":544,"title":337,"attribution":547},"Новая вредоносная рассылка от Hive0117: архив с паролем и надежда добраться до пользователя","Док-ты от 29.04.2025.rar","393d139ed8f4470164cde8f5cf3e7a1bc8d5eb63_ind1746000151_0_36de1677_600_8888_configsremotejson_ru_w11_x64","x97hQ6doasRaGB067x6S3YPRm","393d139ed8f4470164cde8f5cf3e7a1bc8d5eb63",{"malware":545},[546],{"ti_malware_id":84,"ti_malware_name":11},[548],{"type":92,"name":11,"id":84},{"commit":453,"description":550,"filename":551,"fqri":552,"hide":42,"id":553,"sha1":554,"threat_attribution":555,"title":337,"attribution":558},"Операция Sticky Werewolf: Шпионская атака Quasar RAT от Минпромторга","ЛК-11216.06.7z","5fec7c47b5ccc307ee068817efbda2c256b56c18_ind1745426501_0_120_13f820a3_8888_configsremotejson_en_w10_x64","Hl3YO4rUFLICgFmvhbvnaZODT","5fec7c47b5ccc307ee068817efbda2c256b56c18",{"malware":556},[557],{"ti_malware_id":478,"ti_malware_name":22},[559],{"type":92,"name":22,"id":478},{"commit":453,"description":561,"filename":562,"fqri":563,"hide":42,"id":564,"sha1":565,"threat_attribution":566,"title":337,"attribution":567},"Экзотический апрельский отчет из Азии: Разоблачение неизвестного","4月最新报表.zip","9c1129d7e1849213ac0ecf4032db553fb28cc8d5_ind1744961053_0_600_8888_85996b06_configsremotejson_ru_w10_x64","7wg96nczK5mWlgmYfR1nnzI3X","9c1129d7e1849213ac0ecf4032db553fb28cc8d5",{},[],{"commit":453,"description":569,"filename":570,"fqri":571,"hide":42,"id":572,"sha1":573,"threat_attribution":574,"title":337,"attribution":575},"Выявление Zeppelin: Обнаружение шифровальщика в песочнице","tmp281vjv_t.7z","7500d1d79a6b73cb1c9ce1e4f124a4f0b176ee8a_ind1744725594_0_600_8888_b4735db0_configsremotejson_disableinternet_en_w10_x64","xTiBMt6pHE7SueTC2GZXdnD81","7500d1d79a6b73cb1c9ce1e4f124a4f0b176ee8a",{},[],{"commit":364,"description":577,"filename":578,"fqri":579,"hide":42,"id":580,"sha1":581,"threat_attribution":582,"title":337,"attribution":583},"Злоумышленник Rezet и его договор-оферта по услугам интернет-продвижения","Договор-оферта A910.rar","ba3b97ba368638ef2370cd06a07116dfb90c4cd6_ind1744270098_0_600_8888_cce7862a_configsremotejson_ru_w10_x64","85kiJiIefXHiRIoh5LVAE9qDt","ba3b97ba368638ef2370cd06a07116dfb90c4cd6",{},[],{"commit":364,"description":585,"filename":586,"fqri":587,"hide":42,"id":588,"sha1":589,"threat_attribution":590,"title":337,"attribution":593},"Вредоносные схемы Hive0117: судебные приставы как канал для DarkWatchman","Ispolnitelniy_List_1180691-25.zip","75c29f947062bd4063ba2f208eb30ce2b76d5fe3_ind1744269714_0_600_71527b1e_8888_configsremotejson_ru_w10_x64","9NsY99OqxrSCsJi9qDcPshBmR","75c29f947062bd4063ba2f208eb30ce2b76d5fe3",{"malware":591},[592],{"ti_malware_id":84,"ti_malware_name":11},[594],{"type":92,"name":11,"id":84},{"commit":364,"description":596,"filename":597,"fqri":598,"hide":42,"id":599,"sha1":600,"threat_attribution":601,"title":337,"attribution":605},"Злоумышленники в химической промышленности: изучение атаки ВПО WhiteSnake","uchebno-sportivnyi-kompleks-baza-otdykha-volga-niiau-mifi.rar","8b42a32f4a3efef2279e72080d1525abd0c0c654_ind1743757500_0_4369ec8e_600_8888_configsremotejson_ru_w10_x64","KIbEDpEYXlundrzHVETciuBrn","8b42a32f4a3efef2279e72080d1525abd0c0c654",{"malware":602},[603],{"ti_malware_id":604,"ti_malware_name":31},"7325a999a24c833e74703dcb8d2b431d96649415",[606],{"type":92,"name":31,"id":604},{"commit":364,"description":608,"filename":609,"fqri":610,"hide":42,"id":611,"sha1":612,"threat_attribution":613,"title":337,"attribution":614},"Расследование цепочки заражения Unicorn: от EML до стилеров","Условия.rar","a2eb92f3bc01aa24710492ed4cdd5708f4253065_ind1743400731_0_600_8888_configsremotejson_e618219d_ru_w10_x64","hF6nWeW6xDeKUNKBJdvnMhXPQ","a2eb92f3bc01aa24710492ed4cdd5708f4253065",{},[],{"commit":364,"description":616,"filename":617,"fqri":618,"hide":42,"id":619,"sha1":620,"threat_attribution":621,"title":337,"attribution":622},"Атака Havoc: Почтовые угрозы от имени управления контроля размещения государственного заказа","Калькулятор методом сопоставимых рыночных цен..pdf","3e490077407e79b82edecb62d8925b85f0a22133_ind1742976609_0_600_8888_867e54b1_configsremotejson_ru_w10_x64","xA2AvzNhXAG87cLAOVDKO70S3","3e490077407e79b82edecb62d8925b85f0a22133",{},[],{"commit":364,"description":624,"filename":625,"fqri":626,"hide":42,"id":627,"sha1":628,"threat_attribution":629,"title":337,"attribution":630},"Злоумышленники room155 хотят сверку взаиморасчето и отправляют Revenge-RAT в качестве вложения","2025.exe.zip","81a89a8e4d5355d4702e40439ceb98d194fb1c8f_ind1743410888_0_2b3e9016_600_8888_configsremotejson_ru_w10_x64","QOBPBkQYGBtKNbGxmtnPTlbEh","81a89a8e4d5355d4702e40439ceb98d194fb1c8f",{},[],{"commit":364,"description":632,"filename":633,"fqri":634,"hide":42,"id":635,"sha1":636,"threat_attribution":637,"title":337,"attribution":642},"Vasy Grek: Массовая фишинговая кампания с подменой выгрузок 1С","akt_1C_doc_76656536deeffr6g5r5g66sgsgsg36drf.rar","b8792afe37b3cce59678143708e02d5669d7290e_ind1743056875_0_1300fac9_300_8888_configsremotejson_ru_w10_x64","wfxhomCKzHJVyJNGRwZwwKczj","b8792afe37b3cce59678143708e02d5669d7290e",{"threatactor":638},[639],{"ti_threatactor_id":640,"ti_threatactor_name":641},"0fc550979a723bf89a91c2dab1ef908358f55051","Vasy Grek",[643],{"type":63,"name":641,"id":640},{"commit":364,"description":645,"filename":646,"fqri":647,"hide":42,"id":648,"sha1":649,"threat_attribution":650,"title":337,"attribution":654},"Распространение CloudEye через скомпрометированные почтовые аккаунты","jf2sjawc1jh550289-isf-10-2-_nfi-2025-1.7z","34cba4bf4bb57ba51063f4fe9d39a655cde8d28f_ind1742890712_0_120_8888_8149fcd9_configsremotejson_ru_w10_x64","GiK1btpn4CGNtbLTyzdP5G0wr","34cba4bf4bb57ba51063f4fe9d39a655cde8d28f",{"malware":651},[652],{"ti_malware_id":653,"ti_malware_name":7},"381de94d9e136b13a2e3a8aa554c7fbe5f6fcdc5",[655],{"type":92,"name":7,"id":653},{"commit":657,"description":658,"filename":659,"fqri":660,"hide":42,"id":661,"sha1":662,"threat_attribution":663,"title":337,"attribution":664},"db08279aed6ebf25397fe52ade6fcfd94b7271f0","PureLogs: Фишинговая кампания с использованием PureCrypter","akt-sverki.zip.zip","c249e18d831571d4a35a07f2432df673dae54a61_ind1741250085_0_120_8888_configsremotejson_e69e41c6_ru_w10_x64","cS7gCh8qJJ8r2f3BE9ZCGL8yG","c249e18d831571d4a35a07f2432df673dae54a61",{},[],{"commit":666,"description":667,"filename":668,"fqri":669,"hide":42,"id":670,"sha1":671,"threat_attribution":672,"title":337,"attribution":680},"d745cfeaf90a152312220d8fc6f2c4eb2fc31752","Претензии с подвохом: Werewolves и их Cobalt кампания","требование_19.03.docx","d012a1d444d97d931b5ce79bc8f3a32a21bec8b9_ind1742369475_0_120_8888_92688111_configsremotejson_ru_win7_x64","PXOGtWdwAZHQnPyyhgRbHwWkz","d012a1d444d97d931b5ce79bc8f3a32a21bec8b9",{"malware":673,"threatactor":678},[674,675,676],{"ti_malware_id":390,"ti_malware_name":8},{"ti_malware_id":392,"ti_malware_name":17},{"ti_malware_id":677,"ti_malware_name":18},"0ea57f29eb4ea529775fa26ed4714c25d620dfb4",[679],{"ti_threatactor_id":395,"ti_threatactor_name":396},[681,682,683,684],{"type":92,"name":8,"id":390},{"type":92,"name":17,"id":392},{"type":92,"name":18,"id":677},{"type":63,"name":396,"id":395},{"commit":666,"description":686,"filename":687,"fqri":688,"hide":42,"id":689,"sha1":690,"threat_attribution":691,"title":337,"attribution":692},"Операция \"Ложный Минпропторг\": анализ вредоносной кампании Sticky Werewolf","Исходящий от 17.03.2025.7z","bfcca9e88a9cd26c872fd7ac596efeac25f9265f_ind1742301866_0_120_8888_configsremotejson_dd2af925_en_w11_x64","wPEQeCBiaVVxngT2eay3geh0F","bfcca9e88a9cd26c872fd7ac596efeac25f9265f",{},[],{"commit":694,"description":695,"filename":696,"fqri":697,"hide":42,"id":698,"sha1":699,"threat_attribution":700,"title":337,"attribution":704},"7e7f324bb050c97723a0e30bfd58dded4e047a7d","META stealer в действии: как скомпрометированные учётные записи электронной почты используются для распространения вредоносного ПО","tmpm6ujrp_rnew-order-12032025.pdf.zip","91fc71061bfde3cbecc375b2ed6078e23e12ec3d_ind1741762081_1_120_8888_configsremotejson_ed9db553_ru_w11_x64","oVXCBySIUBn7cMTgfZaxRjUSa","91fc71061bfde3cbecc375b2ed6078e23e12ec3d",{"malware":701},[702],{"ti_malware_id":703,"ti_malware_name":16},"bc49b0d74508f15c32a4c11a6ea4024d6fdfe875",[705],{"type":92,"name":16,"id":703},{"commit":657,"description":707,"filename":708,"fqri":709,"hide":42,"id":710,"sha1":711,"threat_attribution":712,"title":337,"attribution":713},"Новая APT Telemancon атакует промышленные предприятия с помощью инструментов TMCDropper и TMCShell","rbsh-2s35-1-koalitsiia-sv-bve.docx.zip","0f16f912879813a9242501df85ec189fd7b31b80_ind1740747771_0_120_2b19f678_8888_configsremotejson_ru_w10_x64","HAvEiVbhGUPRTCW0hZpg4MESP","0f16f912879813a9242501df85ec189fd7b31b80",{},[],{"commit":657,"description":715,"filename":716,"fqri":717,"hide":42,"id":718,"sha1":719,"threat_attribution":720,"title":337,"attribution":727},"Анализ атак вредоносного ПО Watch Wolf на сектор ритейла","Док-ты на рассчет ФЕВРАЛЬ-МАРТ.rar.zip","637d4d0148546e799ca2175185f1c5f23b32c280_ind1740492281_1_120_8888_configsremotejson_db0842c2_ru_w11_x64","mkrH9aTtuG8rr4IzJGCfI6St5","637d4d0148546e799ca2175185f1c5f23b32c280",{"malware":721,"threatactor":725},[722,723],{"ti_malware_id":84,"ti_malware_name":11},{"ti_malware_id":724,"ti_malware_name":23},"8f69880c757894293d30446c77a3de7af75c1209",[726],{"ti_threatactor_id":87,"ti_threatactor_name":88},[728,729,730],{"type":92,"name":11,"id":84},{"type":92,"name":23,"id":724},{"type":63,"name":88,"id":87},{"commit":732,"description":733,"filename":734,"fqri":735,"hide":42,"id":736,"sha1":737,"threat_attribution":738,"title":337,"attribution":741},"e42fac2f86dc573ec02efe8dd509203c40398a96","Анализ рассылки вредоносного ПО QuasarRat","заказ на покупку.arj.zip","7f4bad015fbfe2b0e3fa702d777f9264808fdabf_ind1740047495_1_120_8888_a06fa674_configsremotejson_ru_w11_x64","WEVzPZpwR9mt44lbdifYyZevz","7f4bad015fbfe2b0e3fa702d777f9264808fdabf",{"malware":739},[740],{"ti_malware_id":478,"ti_malware_name":22},[742],{"type":92,"name":22,"id":478},{"commit":732,"description":744,"filename":745,"fqri":746,"hide":42,"id":747,"sha1":748,"threat_attribution":749,"title":337,"attribution":754},"Атака на доверие: xplogs22 превращает почтовые серверы в оружие массового заражения","Contract.bz.zip","ecfc9b71f1ca04e4dc58234417281f67c740b9d1_ind1739870728_0_120_8888_b0d4d199_configsremotejson_ru_w11_x64","1N10Nkl5vwJ0mjR9P6Xy5Qupa","ecfc9b71f1ca04e4dc58234417281f67c740b9d1",{"threatactor":750},[751],{"ti_threatactor_id":752,"ti_threatactor_name":753},"e8c1aae52bc94533a193be4004b6081fbfcf18de","xplogs22",[755],{"type":63,"name":753,"id":752},{"commit":757,"description":758,"filename":759,"fqri":760,"hide":42,"id":761,"sha1":762,"threat_attribution":763,"title":337,"attribution":764},"9c13c510fb525a7bb8da439ffa6bb66905164f3f","Массовая рассылка стилера NOVA со взломанных учетных записей","Citibank Kazakhstan_Төлем_кеңес.iso","e4e74b620f4f27c611dc83a5c049511cd46919e8_ind1739168885_0_120_8888_configsremotejson_e96676f2_ru_w10_x64","b06oJ4Wu1OFmxnKbInXeD3hry","e4e74b620f4f27c611dc83a5c049511cd46919e8",{},[],{"commit":757,"description":766,"filename":767,"fqri":768,"hide":42,"id":769,"sha1":770,"threat_attribution":771,"title":337,"attribution":772},"VasyaGrek держит компании в напряжении, рассылая вредоносные письма с новыми IOC","scheta_oplata_1022025_1C.PDF.rar.zip","24316b0a841eefc3766beff1e4346ba550be15cf_ind1739277574_0_120_3654f1c1_8888_configsremotejson_ru_w10_x64","No06o3NYIhsX3rO6lCgYoF6uJ","24316b0a841eefc3766beff1e4346ba550be15cf",{},[],{"commit":774,"description":775,"filename":776,"fqri":777,"hide":42,"id":778,"sha1":779,"threat_attribution":780,"title":337,"attribution":781},"c4871b6573f7fbddc5194a4bee9e7a393ec055f0","Группа TA558 снова атаковала российские и белорусские компании","София1.docx.zip","b1f1f3a2d5b0b6fcaa9c30ef07d09c4eeb8d81cc_ind1738686369_0_120_37d882c6_8888_configsremotejson_ru_w10_x64","N0lBy4FkHyvrOnEnNkguJgD2Y","b1f1f3a2d5b0b6fcaa9c30ef07d09c4eeb8d81cc",{},[],{"commit":774,"description":783,"filename":784,"fqri":785,"hide":42,"id":786,"sha1":787,"threat_attribution":788,"title":337,"attribution":793},"Атака группировки Rezet на Российские предприятия","iskh_tsikl_postanovka_ekb_rid_ispytaniia.rar","b2f0918e61566fba6a74dd47c905295e127dbf37_ind1738316369_1_300_7ded7612_8888_configsremotejson_ru_w11_x64","rGt8e7G7Rc5nLT5tIVulSVMyl","b2f0918e61566fba6a74dd47c905295e127dbf37",{"threatactor":789},[790],{"ti_threatactor_id":791,"ti_threatactor_name":792},"54f22495eaae1b075732f1ff2615033131a8bfcb","Rezet",[794],{"type":63,"name":792,"id":791},{"commit":774,"description":783,"filename":796,"fqri":797,"hide":42,"id":798,"sha1":799,"threat_attribution":800,"title":337,"attribution":803},"iskh_tsikl_postanovka_ekb_rid_ispytaniia.pdf.rar","b588bdad6cbeb8212990d2b3ec328a9ffff7988b_ind1738326454_0_300_4a27b632_8888_configsremotejson_ru_w10_x64","jyiCzpylke0IRTYwPB8MT48g8","b588bdad6cbeb8212990d2b3ec328a9ffff7988b",{"threatactor":801},[802],{"ti_threatactor_id":791,"ti_threatactor_name":792},[804],{"type":63,"name":792,"id":791},{"commit":774,"description":806,"filename":807,"fqri":808,"hide":42,"id":809,"sha1":810,"threat_attribution":811,"title":337,"attribution":812},"Замаскированная угроза: как Stone Wolf использует счета для обмана","ТЗ_Альянс-Автоматика.rar.zip","491401095a6908b0f5a72c4a12ffd43678d42beb_ind1738280518_0_120_8888_baa39be5_configsremotejson_ru_w10_x64","vnshN0fI7Ao7XpGdFPNpwfB2x","491401095a6908b0f5a72c4a12ffd43678d42beb",{},[],{"commit":774,"description":814,"filename":815,"fqri":816,"hide":42,"id":817,"sha1":818,"threat_attribution":819,"title":337,"attribution":820},"Российские компании становятся целями обновленного стилера NOVA","9fb4ed75f71f2a104c0a9fd44316250988bd167b.zip","18615114d4bce5d5e4ca6d6d1dcf366bf2214ca7_ind1738180430_0_120_367b5912_8888_configsremotejson_ru_w10_x64","RaNJF2IP2ugu23intELQJBlaQ","18615114d4bce5d5e4ca6d6d1dcf366bf2214ca7",{},[],{"commit":774,"description":822,"filename":823,"fqri":824,"hide":42,"id":825,"sha1":826,"threat_attribution":827,"title":337,"attribution":830},"PDF-приманка: как Rezet ведет кампании против российских компаний","Платежное поручение №10026638-2025.rar","1559a1d88b8562589af4454e480574a0ff01f238_ind1737893648_0_120_8888_a67fbaa1_configsremotejson_ru_w10_x64","nhQQPQePM7R2OgWxgtSzp9XwY","1559a1d88b8562589af4454e480574a0ff01f238",{"threatactor":828},[829],{"ti_threatactor_id":791,"ti_threatactor_name":792},[831],{"type":63,"name":792,"id":791},{"commit":774,"description":833,"filename":834,"fqri":835,"hide":42,"id":836,"sha1":837,"threat_attribution":838,"title":337,"attribution":842},"Новая группировка DarkGaboon использует Revenge RAT для атак на российские компании.","Документы.rar.zip","a87cdcc7bcac3e7529d318eb37a74ec17c42ebc8_ind1737620362_0_120_8888_configsdotnetjson_e555b24c_ru_w10_x64","GJ21m6Gy8Ez6gNZbrrVt6zM2Q","a87cdcc7bcac3e7529d318eb37a74ec17c42ebc8",{"malware":839},[840],{"ti_malware_id":841,"ti_malware_name":25},"13539d101fb05ff7868d0ec112128c84ae53dad2",[843],{"type":92,"name":25,"id":841},{"commit":774,"description":845,"filename":846,"fqri":847,"hide":42,"id":848,"sha1":849,"threat_attribution":850,"title":337,"attribution":853},"Крепкая финансовая связь: эксперты F.A.C.C.T. вскрыли киберпреступников VasyGrek и Mr.Burns","Doc_22_01_2025_1C.PDF.rar.zip","f207e0eaf5cc83cf2924faf59df2a4fa7b3b9167_ind1737578658_0_120_8888_configsremotejson_e99522d5_ru_w10_x64","HoZ73wNrxgOpwEMEkYaoOGWL0","f207e0eaf5cc83cf2924faf59df2a4fa7b3b9167",{"threatactor":851},[852],{"ti_threatactor_id":640,"ti_threatactor_name":641},[854],{"type":63,"name":641,"id":640},{"commit":774,"description":856,"filename":857,"fqri":858,"hide":42,"id":859,"sha1":860,"threat_attribution":861,"title":337,"attribution":866},"Билет, которого нет: специалисты F.A.C.C.T. обнаружили новую угрозу – FakeTicketer","UpDriSyfest_2.47.84.exe.sample","2fd703a28b247628b014e093f72c2e364e319874_ind1737026209_0_120_57b6e5c5_8888_configsremotejson_en_w10_x64","QMi2ArEztYz0o4bvCm6NotQSy","2fd703a28b247628b014e093f72c2e364e319874",{"threatactor":862},[863],{"ti_threatactor_id":864,"ti_threatactor_name":865},"2b3f30e9620ea0459bdb4af53d0460bae816d02a","FakeTicketer",[867],{"type":63,"name":865,"id":864},{"commit":869,"description":870,"filename":871,"fqri":872,"hide":42,"id":873,"sha1":874,"threat_attribution":875,"title":337,"attribution":880},"5a70ff7d7928bb3dcf29900098d7c849ce1c36ed","Украинские кибершпионы от лица Минпромторга пытались атаковать российские предприятия. Приманка — работа с осужденными.","Форма заполнения.pdf.exe","74f6f78bd8f1cc30e911350b60fe9b4eaf69e21c_ind1736781745_0_180_8888_bf7dc4dd_configsremotejson_en_w10_x64","AzS387Cfc8WbfyjziTQ6sndAO","74f6f78bd8f1cc30e911350b60fe9b4eaf69e21c",{"malware":876},[877,878],{"ti_malware_id":257,"ti_malware_name":21},{"ti_malware_id":879,"ti_malware_name":20},"03a6f4190e75885dc3b5764678ec0ce36ac932d5",[881,882],{"type":92,"name":21,"id":257},{"type":92,"name":20,"id":879},{"commit":884,"description":885,"filename":886,"fqri":887,"hide":42,"id":888,"sha1":889,"threat_attribution":890,"title":337,"attribution":894},"af93b48d27c16b8e61560b41dc1866ea450eceeb","Злоумышленники атакуют государственные и финансовые организации на территории России с помощью Rhadamanthys Stealer","Информация по Рекламе.rar","e7529897e68c2689e9633806c4e62c23ac334768_ind1734682902_0_300_8888_configsremotejson_d191e517_en_w10_x64","SBzhqBc14sPNyvzDOnjEJoocj","e7529897e68c2689e9633806c4e62c23ac334768",{"malware":891},[892],{"ti_malware_id":893,"ti_malware_name":26},"8a35df7d39ef8f022800209507627cc20cbf703b",[895],{"type":92,"name":26,"id":893},{"commit":884,"description":897,"filename":898,"fqri":899,"hide":42,"id":900,"sha1":901,"threat_attribution":902,"title":337,"attribution":905},"Рассылка ВПО Revenge RAT в письмах российским компаниям. Тема письма: \"Уточнение по акту сверки взаиморасчетов\"","Дoкyмeнты.cab.zip","89ce7293516e4ce967dfb426d5835481cacb21b8_ind1735117767_0_120_58ebc6f5_8888_configsremotejson_ru_w11_x64","ocOwMPhghXUyPF5IfBiGbxj0g","89ce7293516e4ce967dfb426d5835481cacb21b8",{"malware":903},[904],{"ti_malware_id":841,"ti_malware_name":25},[906],{"type":92,"name":25,"id":841},{"commit":908,"description":909,"filename":910,"fqri":911,"hide":42,"id":912,"sha1":913,"threat_attribution":914,"title":337,"attribution":918},"1cfbd10203152b452acd85bbdadfc6c9e84344c6","Рассылка вредоносных писем Watch Wolf от имени курьерской службы с использованием DarkWatchman","nakladnaia-no.-44-1221-4779.zip","e6d718033b09bfd928ee8ecd40264f3b0dce8138_ind1734594964_0_300_8888_889f6feb_configsremotejson_ru_w10_x64","pTTkvBdCQ9NU5RZMlGQkY9y5T","e6d718033b09bfd928ee8ecd40264f3b0dce8138",{"malware":915},[916,917],{"ti_malware_id":724,"ti_malware_name":11},{"ti_malware_id":84,"ti_malware_name":11},[919,920],{"type":92,"name":11,"id":724},{"type":92,"name":11,"id":84},{"commit":908,"description":922,"filename":923,"fqri":924,"hide":42,"id":925,"sha1":926,"threat_attribution":927,"title":337,"attribution":930},"Анализ ВПО, используемого группой PhantomCore","doc.zip","c131ce9ed8942fda9fdcaa2ebb058e6c44f3d34d_ind1734388710_0_180_6ad06573_8888_configsremotejson_ru_w10_x64","gOR58JAc4ZOD4XAnuWV81BrgI","c131ce9ed8942fda9fdcaa2ebb058e6c44f3d34d",{"threatactor":928},[929],{"ti_threatactor_id":200,"ti_threatactor_name":201},[931],{"type":63,"name":201,"id":200},{"commit":933,"description":934,"filename":935,"fqri":936,"hide":42,"id":937,"sha1":938,"threat_attribution":939,"title":337,"attribution":944},"324c1e8318b32e5693e03c1fc11c58282b7bff90","Анализ трояна Buhtrap RAT","dok_arkhiv_23799.zip","a8b7f03185c5d4fbaa9a5df79611d5403d7b9335_ind1726295241_0_600_8888_configsremotejson_f902e80d_ru_w10_x64","pWHqoPUilajNM06AmvfM4o0Wq","a8b7f03185c5d4fbaa9a5df79611d5403d7b9335",{"malware":940,"threatactor":942},[941],{"ti_malware_id":238,"ti_malware_name":5},[943],{"ti_threatactor_id":238,"ti_threatactor_name":5},[945,946],{"type":92,"name":5,"id":238},{"type":63,"name":5,"id":238},{"commit":948,"description":949,"filename":337,"fqri":950,"hide":42,"id":951,"sha1":952,"threat_attribution":953,"title":337,"attribution":954},"c311f581edeed8eb4a65f17065846c4ace8ffa70","Анализ ВПО, использующего ресурсы зараженной машины для майнинга криптовалюты","712fb9ea9abb3e7b08c9eb69815bc7b0bc6a18c5_ind1680468628_0_600_6f1d443e_8888_configsremotejson_ru_w10_x64","terFU7xPeGQUnTHVUfnHjpbtP","712fb9ea9abb3e7b08c9eb69815bc7b0bc6a18c5",{},[],{"commit":956,"description":957,"filename":337,"fqri":958,"hide":42,"id":959,"sha1":960,"threat_attribution":961,"title":337,"attribution":962},"c3e70053657d25b50ea47efc96de20a67a837f72","Анализ JavaScript бэкдора, используемого для удаленного исполнения команд","7993a14485d00d1bbcca49f33583a78734d13eee_ind1718807787_0_300_8888_bdab98fe_configsremotejson_ru_w10_x86","xgomfrff3EphfF4IRIsITX7d5","7993a14485d00d1bbcca49f33583a78734d13eee",{},[],{"commit":964,"description":965,"filename":337,"fqri":966,"hide":42,"id":967,"sha1":968,"threat_attribution":969,"title":337,"attribution":970},"781256d72d0d01c691c54fe13279c9963c6d55e4","Анализ шпионского ПО AgentTesla, предназначенного для похищения пользовательских данных","7287eb88604dfb30f416157d4452d8e362d2726e_0_08a7ad74_120_configsremotejson_ru_win7_x86","SBx2qXI0oej3BeCYqWohoSkYd","7287eb88604dfb30f416157d4452d8e362d2726e",{},[],{"commit":972,"description":973,"filename":337,"fqri":974,"hide":42,"id":975,"sha1":976,"threat_attribution":977,"title":337,"attribution":978},"9fe702f12ef36e02222f5d9bde7f2733d7c4564b","Анализ ВПО Formbook, которое предназначено для кражи данных пользователя, а так же может быть использовано для удаленного исполнения команд","630a95aac5863f4c3c58b1f3ec19652056519035_0_120_3a606777_configsremotejson_en_win7_x86","wZ9OdwJNIk2XKa3k246Cl9s8D","630a95aac5863f4c3c58b1f3ec19652056519035",{},[],{"commit":964,"description":980,"filename":337,"fqri":981,"hide":42,"id":982,"sha1":983,"threat_attribution":984,"title":337,"attribution":985},"Анализ вируса Neshta, заражающего исполняемые файлы и имеющего функционал похищения пользовательских данных","14aacc2eb40a8a8bc17798637c78bbc506d6e17f_0_120_8a77d6ae_configsremotejson_ru_win7_x86","QBMY80WgDmhBRxaXpzc0FBML0","14aacc2eb40a8a8bc17798637c78bbc506d6e17f",{},[],{"commit":964,"description":987,"filename":337,"fqri":988,"hide":42,"id":989,"sha1":990,"threat_attribution":991,"title":337,"attribution":992},"Анализ вредоносного офисного документа, который загружает из сети и запускает средство удаленного администрирования Remcos","50839ea446f930c3888f0fdbafd5831ffbca91f4_0_120_configsremotejson_eacd6d11_en_win7_x86","77GwsOWMRvtPbEQTCfsJTVBLy","50839ea446f930c3888f0fdbafd5831ffbca91f4",{},[]]