Rewterz Threat Alert – REvil Ransomware – Active IOCs

September 9, 2021

Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs

September 9, 2021

Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs

September 9, 2021

Severity

High

Analysis Summary

Cyber espionage actors, aka APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully-featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.

Impact

Information Theft and Espionage

Indicators of Compromise

Filename

MSVCR100[.]dll

MD5

1dbd3e88bc5cb77a7401cb49b44f554e

SHA-256

f19c7115755ed90c0ad5dfc9321b44aa43228e80a2cd5bc714fc6a1ddcd0d3a6

SHA-1

844264bd15330e7d887051e7a7d062fdef72f49b

Remediation

Block all the threat indicators at your respective controls.
Search for IOCs in your environment.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Microsoft Entra Account Lockouts Triggered by Token Logging Error

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

SideWinder APT Group aka Rattlesnake – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – REvil Ransomware – Active IOCs

Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.