Severity
High
Analysis Summary
The Sidewinder APT group, which has been operating in the interest of the Indian Government, has been observed targeting Pakistani government officials in its latest campaign with a decoy document about investment in Balochistan Province. The group actively targeted South Asian countries throughout 2020, and fresh IoCs are still being detected in 2021. In earlier months it was seen targeting the Pakistan Air Force with malicious samples posing as a PAF Calendar 2021. Other recent campaigns have targeted the Windows machines and mobile phones of Pakistani and Chinese military and government entities, typically using weaponized Word documents and custom-built mobile apps for information theft and espionage.
Impact
Information theft and espionage
Indicators of Compromise
Filename
- BGI-14[.]zip
MD5
- f225d7966cb15848279d039e10827962
SHA-256
- bb58796f79a913a985eb41f0d12446e7ae8fe99fd3f0d432d77d8d82f202bf5f
SHA-1
- 845c97491499015dc214a4cc9433ddb3276b4837
Remediation
- Block the listed threat indicators at your respective controls (email gateway, web proxy, endpoint protection).
- Search for the IOCs in your environment. Match on the file hashes first; the file name is a weaker indicator, since the attacker can rename the archive without changing its contents, and a legitimate file may share the name.
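The following is an added example of the IOC search recommended above, written for this page; it is not Rewterz tooling. It refangs the published file name (`BGI-14[.]zip` to `BGI-14.zip`), computes MD5, SHA-1 and SHA-256 for every file under a directory in a single read, and reports any file that matches a listed indicator. The sample files it scans are constructed placeholders created in a temporary directory, not the real malware, so only the file-name indicator fires on them.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Indicators copied from the alert above. Defanged forms ("[.]") are kept
# as published and normalised by refang() before comparison.
IOCS = {
    "filename": {"BGI-14[.]zip"},
    "md5": {"f225d7966cb15848279d039e10827962"},
    "sha1": {"845c97491499015dc214a4cc9433ddb3276b4837"},
    "sha256": {"bb58796f79a913a985eb41f0d12446e7ae8fe99fd3f0d432d77d8d82f202bf5f"},
}


def refang(indicator: str) -> str:
    """Turn a defanged indicator back into its literal form."""
    return indicator.replace("[.]", ".").replace("hxxp", "http")


def normalise(iocs: dict) -> dict:
    """Lower-case hashes and refang names so comparisons are exact."""
    return {
        "filename": {refang(n).lower() for n in iocs.get("filename", ())},
        "md5": {h.lower() for h in iocs.get("md5", ())},
        "sha1": {h.lower() for h in iocs.get("sha1", ())},
        "sha256": {h.lower() for h in iocs.get("sha256", ())},
    }


def hash_file(path: Path, chunk: int = 1 << 20) -> dict:
    """Compute MD5, SHA-1 and SHA-256 of a file in one pass over its bytes."""
    digests = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for d in digests.values():
                d.update(block)
    return {name: d.hexdigest() for name, d in digests.items()}


def match_file(path: Path, iocs: dict = IOCS) -> list:
    """Return (indicator_type, value) pairs that this file matches."""
    wanted = normalise(iocs)
    hits = []
    if path.name.lower() in wanted["filename"]:
        hits.append(("filename", path.name))
    try:
        digests = hash_file(path)
    except OSError:
        # Unreadable file (permissions, vanished): report the name hit only.
        return hits
    for algo in ("md5", "sha1", "sha256"):
        if digests[algo] in wanted[algo]:
            hits.append((algo, digests[algo]))
    return hits


def scan_tree(root, iocs: dict = IOCS) -> list:
    """Walk root and return every file with at least one IOC hit."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            p = Path(dirpath) / fn
            hits = match_file(p, iocs)
            if hits:
                findings.append({"path": str(p), "hits": hits})
    return findings


def demo(iocs: dict = IOCS) -> list:
    """Scan a constructed sample tree: a decoy-named placeholder, a benign
    text file and an empty file. None of these is the real sample."""
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "BGI-14.zip").write_bytes(b"constructed placeholder, not the real archive")
        (Path(tmp) / "notes.txt").write_bytes(b"benign")
        (Path(tmp) / "empty.bin").write_bytes(b"")
        return scan_tree(tmp, iocs)


if __name__ == "__main__":
    for finding in demo():
        print(finding["path"], finding["hits"])
```

Run it against a real share or user profile with `scan_tree("/path/to/scan")`. Hashing every file once per indicator set is the expensive part; on large trees, filter by extension or size first, and treat a name-only hit as a lead to triage rather than a confirmed compromise.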