Rewterz Threat Alert – Mirai Botnet – Active IOCs

Rewterz Threat Advisory – CVE-2022-2964 – Linux Kernel Vulnerability

September 12, 2022

Rewterz Threat Advisory – CVE-2022-34691 – Microsoft Windows Active Directory Domain Services Vulnerability

September 12, 2022

Rewterz Threat Alert – Mirai Botnet – Active IOCs

Severity

High

Analysis Summary

A new Mirai variant is making the rounds called mirai_pteamirai. This botnet is one of the significant botnets targeting exposed networking devices running Linux. Mirai means ‘future’ in Japanese. This botnet is one of the active botnet and used to cause DDoS conditions. IP cameras, home routers, and other IoT devices are the common targets of this botnet.

Impact

Server Outage
Data Loss
Website Downtime

Indicators of Compromise

MD5

7636895b0ad852795af4cc397e73b15d
93cade43e38479748277f62be3c75890
ab922b39eba1639f0511a0b1998e91a3

SHA-256

aa005a11018b68439ab443af700c1cad78ef6f1568eeec9b166973ac3edd53d7
6b132eadbd720a209ac29875653d65264aa678715dbcc6c2085b3f17cc343a9c
20f7a9b880ed82c0b163d7f0ff0009bc94cdc0404efe5f0ff01f5465c6a4248f

SHA-1

4613f54c41c6b5cae1bf68d6da14277a628f21ad
b19d3b4bfdf05234ac5ce2225c9a60e3e1b88722
caa4650013a31a12b28338eda7ecf984b32fc080

Remediation

Upgrade your operating system.
Don’t open files and links from unknown sources.
Install and run anti-virus scans.

Rewterz Threat Advisory – CVE-2022-2964 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2022-34691 – Microsoft Windows Active Directory Domain Services Vulnerability

Rewterz Threat Alert – Mirai Botnet – Active IOCs

Severity

Analysis Summary

Impact

Indicators of Compromise

MD5

SHA-256

SHA-1

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan