### RELATED REPORT

[1] https://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-full.pdf

[2] https://www.welivesecurity.com/2017/05/09/sednit-adds-two-zero-day-exploits-using-trumps-attack-syria-decoy/

[3] https://www.emanueledelucia.net/apt28-targeting-military-institutions/

[4] https://www.emanueledelucia.net/apt28-sofacy-seduploader-under-the-christmas-tree/

[5] https://unit42.paloaltonetworks.com/unit42-sofacy-continues-global-attacks-wheels-new-cannon-trojan/

[6] https://unit42.paloaltonetworks.com/dear-joohn-sofacy-groups-global-campaign/

[7] https://unit42.paloaltonetworks.com/sofacy-creates-new-go-variant-of-zebrocy-tool/

[8] https://blog.trendmicro.co.jp/archives/19829

[9] https://www.welivesecurity.com/2018/11/20/sednit-whats-going-zebrocy/

[10] https://www.carbonblack.com/2019/04/05/cb-threat-intelligence-notification-hunting-apt28-downloaders/

[11] https://www.securityartwork.es/2019/04/04/ukraine-election-2019-polls-maldoc-analysis/