Rewterz Threat Advisory – IBM Cognos TM1 Dojo Toolkit Script Insertion Vulnerability

July 1, 2019

Rewterz Threat Alert – GreenFlash Sundown Exploit Kit Delivered Through Malspam Campaign

July 2, 2019

Rewterz Threat Alert – Agent Telsa Keylogger & NanoCore RAT Malware – Indicators of Compromise

July 1, 2019

Severity

Medium

Analysis Summary

An email campaign discovered distributing the Agent Tesla malware and NanoCore RAT malware to different users with different subjects and dropping malicious url’s. Threat indicators are provided.

Impact

Exposure of sensitive information
Infostealer keylogger

Indicators of Compromise

IP(s) / Hostname(s)

89[.]42[.]221[.]132
185[.]217[.]1[.]168
88[.]232[.]220[.]141
41[.]219[.]22[.]204

URLs

mail.epurom[.]ro
emisparkle.duckdns[.]org

Malware Hash (MD5/SHA1/SH256)

5534d2586eb229fe15a9f903c8e412d0
1fdca8ac2e9f4a4f680dfecc4889305d
e4088c985e80b827f31f4bf6902fd95f

Remediation

Always by suspicious about emails sent by unknown senders.
Never click on the link/ attachments sent by unknown senders.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – IBM Cognos TM1 Dojo Toolkit Script Insertion Vulnerability

Rewterz Threat Alert – GreenFlash Sundown Exploit Kit Delivered Through Malspam Campaign

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.