
Rewterz Threat Alert – StrongPity APT-C-41

Severity

High

Analysis Summary

The APT group known as StrongPity is back with a new campaign targeting users in different regions. The group has previously targeted the financial, industrial and educational sectors for data exfiltration, looking for any file or document on a victim's machine. The group is tracked under the names Promethium and StrongPity, and its earliest attack activity can be traced back to 2012. It mainly targets Italy, Turkey, Belgium, Syria, Europe and other regions and countries.

Impact

  • Data exfiltration
  • Exposure of sensitive data

Indicators of Compromise

MD5

  • 36974f80c00cef2ddf862b6cf019e274
  • 69f6ad487f8d63c60407f3e1bb3945df

SHA-256

  • 0265e9f22753a574dcc0f20fdb1838aaf22ba17e8f2577d1d88a811ed1f6467b
  • 0f4933ae0b67f03154f36c3e47acd5eece9b3872677a30fdaf22df952b96b704

SHA1

  • 08316e35670e78053822eff1df1105bfc126e435
  • b4a8dfc185c7c2ea6a195ece7ea8021ce705eb4a

Remediation

  • Search for IOCs in your environment.
  • Block all threat indicators at your respective controls.
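
One way to carry out the "Search for IOCs" step on a file system, as an added example that is not Rewterz's own code: a sweep that reads each file once, computes the three digest types listed in this alert, and reports matches. The function names and the directory passed to `sweep` are assumptions.

```python
import hashlib
import os

# File hashes copied from this alert; hex length identifies the algorithm.
ALERT_IOCS = [
    "36974f80c00cef2ddf862b6cf019e274", "69f6ad487f8d63c60407f3e1bb3945df",
    "0265e9f22753a574dcc0f20fdb1838aaf22ba17e8f2577d1d88a811ed1f6467b",
    "0f4933ae0b67f03154f36c3e47acd5eece9b3872677a30fdaf22df952b96b704",
    "08316e35670e78053822eff1df1105bfc126e435", "b4a8dfc185c7c2ea6a195ece7ea8021ce705eb4a",
]
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

def index_iocs(iocs):
    """Group hex digests by algorithm and reject malformed entries."""
    index = {name: set() for name in ALGO_BY_HEX_LEN.values()}
    for raw in iocs:
        value = raw.strip().lower()
        algo = ALGO_BY_HEX_LEN.get(len(value))
        if algo is None or any(c not in "0123456789abcdef" for c in value):
            raise ValueError(f"not an MD5/SHA-1/SHA-256 hex digest: {raw!r}")
        index[algo].add(value)
    return index

def file_digests(path, algos, chunk_size=1 << 20):
    """Read the file once in chunks, feeding every requested hash."""
    hashers = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}

def sweep(root, iocs=ALERT_IOCS):
    """Return (hits, unreadable); hits are (path, algo, digest) tuples."""
    index = index_iocs(iocs)
    algos = [a for a, values in index.items() if values]
    hits, unreadable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):
                continue  # skip FIFOs, sockets and broken symlinks
            try:
                digests = file_digests(path, algos)
            except OSError:
                unreadable.append(path)  # report files that could not be checked
                continue
            hits += [(path, a, d) for a, d in digests.items() if d in index[a]]
    return hits, unreadable
```

Files in the `unreadable` list were not hashed, so an empty `hits` list only clears the files that could actually be read.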