Rewterz Threat Alert – Sodinokibi Ransomware – Active IOCs

August 24, 2021

Rewterz Threat Alert – Ryuk Ransomware – Active IOCs

August 24, 2021

Rewterz Threat Alert – APT32 Ocean Lotus – IOCs

August 24, 2021

Severity

High

Analysis Summary

Cyber espionage actors, aka APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully-featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.

Impact

Information Theft and Espionage

Indicators of Compromise

MD5

6d0ab5f4586166ac3600863bc9ac493e

SHA-256

2a6b0d55193224f6393e36c728cc15ef4f6b66ea59728214773b35fda25a596e

SHA-1

af7522e9f870bb9a88c13ab1ea396dfa6f8cd843

Remediation

Block all the threat indicators at your respective controls.
Search for IOCs in your environment.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Gafgyt aka Bashlite Malware – Active IOCs

DarkCrystal RAT aka DCRat – Active IOCs

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Sodinokibi Ransomware – Active IOCs

Rewterz Threat Alert – Ryuk Ransomware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.