Such intrusions, which Ukraine's Computer Emergency Response Team associated with the Russian threat operation UAC-0194, commenced with the delivery of phishing emails with a URL file, which when interacted exploits the vulnerability to facilitate installation of additional payloads, including the open-source trojan SparkRAT, an analysis from ClearSky researchers showed.
Article Link: Newly patched Windows zero-day leveraged to attack Ukraine | SC Media