Rewterz Threat Alert – Latest Trickbot – IOCs

June 22, 2020

Rewterz Threat Alert – Nefilim/Nephilim Ransomware Campaign

June 22, 2020

Rewterz Threat Alert – APT Group Lazarus – IOCs

June 22, 2020

Severity

High

Analysis Summary

Following samples of Lazarus group, an state sponsored threat actor targeting financially organizations for their gains have been active again and actively targeting different organizations via phishing emails dropping malicious word documents which enables macro when downloaded and executed. Previously these campaigns were specifically crafted to target Russian organizations but now they’ve shifted their tilt towards Asia pacific region.

Impact

Credential theft
Financial loss
Exposure of sensitive information

Indicators of Compromise

MD5

18833939ade00657f8ea111c579d5c1b
b1913ca7a8e730a60bf498d3a056cfea
c984239172e847fcf57ccb906040cc0c

SHA-256

6d461bf3e3ca68b2d6d850322b79d5e3e647b0d515cb10449935bf6d77d7d5f2
6caa98870efd1097ee13ae9c21c6f6c9202a19ad049a9e65c60fce5c889dc4c8
c4875cc728e7c4bc00646df57c8c38370fe11439e4c95e38040ba84fe27eb0b9

SHA1

e00dcb35db80b84df6f8588783d2f1b50825b775
ac4d94ec5bafe46ad5a9b82bb1451883b8fb893b
1e960dd268a436bdeda44b2374208bd95089cd1d

Remediation

Block all threat indicators at your respective controls.
Search for IOCs in your environment.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SuperCard X Malware Exploiting NFC for Financial Fraud – Active IOCs

Zoom Remote Control Feature Exploited to Gain Access

Microsoft Entra Account Lockouts Triggered by Token Logging Error

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Latest Trickbot – IOCs

Rewterz Threat Alert – Nefilim/Nephilim Ransomware Campaign

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.