Rewterz Threat Alert – Nanocore Rat – Fresh IOCs

August 10, 2021

Rewterz Threat Alert – Kimsuky APT Group – Active IOCs

August 10, 2021

Rewterz Threat Alert – AZORult Active-IOCs

August 10, 2021

Severity

Medium

Analysis Summary

AZORult is a payment card and credential information stealer. It was sold on Russian underground forums as a means to collect sensitive information from infected systems. The malware is also able to steal cookies, browsing history, cryptocurrency, and ID/passwords. Exploits such as phishing emails and Fallout Exploit Kit (EK) paired with social engineering techniques are major infection vectors of the AZORult malware. The malware can also be used as a loader to download other malware.

Impact

Information Theft
Credential Theft
Exposure of Sensitive Data

Indicators of Compromise

MD5

bf88f6a18838de44403fea24b330be48

SHA-256

8517738b158a4f15ad9fb58ac7bdd9d3f42c605c46f45c8cabba6dd9c4ab8d74

SHA-1

80fd3bff15fd69ecfa8a8ec1c4a0ee8d5f544844

URL

http[:]//lastimaners[.]ug/asdfg[.]exe
http[:]//lastimaners[.]ug/zxcv[.]EXE
http[:]//lastimaners[.]ug/asdf[.]EXE
http[:]//94[.]158[.]245[.]253//l/f/o-POunoBagrSXdgRlxjK/d4e715b5a38d3d0f3e8dbeac2c04fd9afcea3fb7
http[:]//lastimaners[.]ug/zxcvb[.]exe

Remediation

Block all threat indicators at your respective controls.
Search for IOCs in your environment

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Bitter APT – Active IOCs

Google Chrome 0-Day Vulnerability Actively Exploited – Immediate Update

Multiple Microsoft Windows Products Zero-Day Vulnerabilities Exploit in the Wild

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Nanocore Rat – Fresh IOCs

Rewterz Threat Alert – Kimsuky APT Group – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.