February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – NJRAT – Active IOCs
September 10, 2021Rewterz Threat Advisory – Multiple WordPress Vulnerabilities
September 13, 2021Rewterz Threat Alert – NJRAT – Active IOCs
September 10, 2021Rewterz Threat Advisory – Multiple WordPress Vulnerabilities
September 13, 2021
Severity
High
Analysis Summary
The SideWinder Advanced Persistent Threat (APT) group has used recent territory disputes between China, India, Nepal, and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan. The targets here include multiple government and military units for countries in the region researchers said, including the Nepali Ministries of Defense and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defense, the Presidential Palace in Afghanistan, and more.
Impact
- Information Theft and Espionage
Indicators of Compromise
File Name
- luckydrawAugust2021[.] zip
- luckydrawAugust2021[.]pdf[.]lnk
MD5
- 3561e7581e682dc7005881dc1e8357f1
SHA-256
- 3c852d755fab4de6684638f57fba6e209d74d6a66a885012acc2ef9779ca06ca
SHA1
- f10bad0dea51a6a7f887f9e91007b6fa85082cd3
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment