TI Mindmap HUB
Threat Intelligence Report

Tracking UAC-0226 Tooling Evolution: From WinRAR ADS to Reflective GIFTEDCROOK Loading

๐Ÿ“… July 5, 2026 ๐Ÿ“ฐ blog.synapticsystems.de ๐Ÿ” 1 CVE(s) referenced

UAC-0226 has significantly evolved its GIFTEDCROOK delivery chain, now leveraging NTFS Alternate Data Streams and reflective in-memory loading to stealthily plant persistent, multi-stage stealers targeting Ukrainian military personnel, while minimizing on-disk indicators and broadening its data theft capabilities.

unclassified
CVE-2025-8088

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle