Operation DupeHike: UNG0902 targets Russian employees with DUPERUNNER and AdaptixC2
ID: 09340d26-9b51-5001-9a22-69ab06d08e0b
STIX ID: report--09340d26-9b51-5001-9a22-69ab06d08e0b
Feed Name: Seqrite Blog
SEQRITE analysts describe a multi-stage espionage campaign targeting Russian corporate HR and payroll staff: spear-phishing ZIPs contained malicious LNK shortcuts that launch PowerShell to fetch a C++ implant (DUPERUNNER), which performs process injection to load an AdaptixC2 beacon. The report provides technical breakdowns of each stage, extracted IOCs (multiple SHA-256 hashes, IP 46.149.71.230, domains, and C2 details), infrastructure analysis, MITRE ATT&CK mappings, and detection names used by SEQRITE.
