Rewterz Threat Alert – Emissary Panda APT Group – IOCs

Severity

High

Analysis Summary

Emissary Panda is a Chinese threat group that has extensively used strategic web compromises to target victims. The group has been active since at least 2010 and has targeted organizations in the aerospace, government, defense, technology, energy, and manufacturing sectors. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.

Impact

Exposure of sensitive data

Indicators of Compromise


Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.