Multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a Powershell script. The malicious campaign was discovered by FireEye Threat Intelligence’s research team. The hacking group behind it appears to be connected with the so-called Luhansk People’s Republic. The group appears to have been active since at least 2014 with their attacks being “primarily focused on targeting Ukrainian entities”””
Source: https://www.bleepingcomputer.com/news/security/hacker-group-uses-ratvermin-backdoor-to-target-ukrainian-military/