

Rewterz Threat Alert – FormBook Malware – Fresh IOCs
July 30, 2021
Rewterz Threat Advisory – Multiple Trend Micro Security Vulnerabilities
August 2, 2021
Severity
High
Analysis Summary
The cyber espionage actors known as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.

Impact
- Information theft and espionage
Indicators of Compromise
Filename
- MSVCR100[.]dll
MD5
- ec44a1e0f5af1c4bd3f308ff1b3fc879
SHA-256
- b87c090e422e96f332bcfac4ef3dc52840e399f8026ad79a99239eecc4fe1703
SHA-1
- 60ddb7d810b701f3a59741d48806c846a677f071
Remediation
- Block all threat indicators at their respective controls.
- Search all IOCs in your environment.