QuoIntelligence cyber security experts: Russian state hackers exploit fake training docs to spread malware. There are correlations with the ReconHell/BlackWater attack.
Microsoft cyber security experts: The Russian group (aka Fancy Bear, Pawn Storm, Sofacy Group, STRONTIUM, and Sednit) tried to compromise devices to gain initial access.
Yoroi-Cybaze cyber security experts: After APT28, Gamaredon is also spying on Kiev. The lure is a legitimate military document, weaponized with Pteranodon malware.
Yoroi-Cybaze cyber security experts, after an in-depth analysis, confirm: the malicious document, which contains Emotet malware, is linked to Russian hackers.
Yoroi-Cybaze cyber security experts: It contains Emotet malware and should be linked to Russian hackers, but some elements are confusing and need further investigation.