Rewterz


Rewterz Threat Alert – AZORult Malware – Active IOCs

Severity

Medium

Analysis Summary

AZORult is a payment card and credential information stealer. It was sold on Russian underground forums as a means to collect sensitive information from infected systems. The malware is also able to steal cookies, browsing history, cryptocurrency, and IDs/passwords. Phishing emails and the Fallout Exploit Kit (EK), paired with social engineering techniques, are the major infection vectors of AZORult. The malware can also be used as a loader to download other malware.

Impact

  • Information Theft
  • Credential Theft
  • Exposure of Sensitive Data

Indicators of Compromise

MD5

  • 4e29200e64b17b863a40a2aac18297d0
  • cb1fef1a16b7fc3851b569ffb51e17d9

SHA-256

  • b0831c1f23202cd936470a346b97d37f39a27a364db9a15f3d2d5d33bb53de13
  • bdd500e8d7fadf83d80b3e1e6affbf60af92dff9d0b902b353e6ddad657445da

SHA-1

  • 0b455c0ec403245ce1c8b54bc0c6dd6a83b9ac56
  • 00373b44ad8558dd23832f3aba6b031acbad706e

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.
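The second remediation step, searching the environment for the listed hashes, is often done by hand one hash at a time. The following script is an added example, not part of the Rewterz advisory: it walks a directory tree, computes the MD5, SHA-1 and SHA-256 of every file in a single read, and reports any file whose digest appears in the advisory's IOC list above. The directory to scan and the sample content used to exercise the code are assumptions; the hash values are the ones published in this advisory.

```python
import hashlib
import os
import sys

# File hashes published in this advisory (Indicators of Compromise section).
AZORULT_IOCS = {
    "md5": {
        "4e29200e64b17b863a40a2aac18297d0",
        "cb1fef1a16b7fc3851b569ffb51e17d9",
    },
    "sha1": {
        "0b455c0ec403245ce1c8b54bc0c6dd6a83b9ac56",
        "00373b44ad8558dd23832f3aba6b031acbad706e",
    },
    "sha256": {
        "b0831c1f23202cd936470a346b97d37f39a27a364db9a15f3d2d5d33bb53de13",
        "bdd500e8d7fadf83d80b3e1e6affbf60af92dff9d0b902b353e6ddad657445da",
    },
}


def normalise_iocs(iocs):
    """Lower-case and strip every hash so comparisons are case-insensitive."""
    return {algo: {h.strip().lower() for h in hashes} for algo, hashes in iocs.items()}


def hash_file(path, chunk_size=1 << 20):
    """Return {algo: hexdigest} for a file, reading it once in 1 MiB chunks."""
    hashers = {
        "md5": hashlib.md5(),
        "sha1": hashlib.sha1(),
        "sha256": hashlib.sha256(),
    }
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def scan_directory(root, iocs=AZORULT_IOCS):
    """Walk `root` and return [(path, algo, digest)] for files matching an IOC.

    Unreadable or vanished files are skipped rather than aborting the scan,
    which matters when sweeping user profiles and temp directories.
    """
    wanted = normalise_iocs(iocs)
    matches = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                digests = hash_file(path)
            except OSError:
                continue
            for algo, digest in digests.items():
                if digest in wanted.get(algo, set()):
                    matches.append((path, algo, digest))
    return matches


if __name__ == "__main__":
    # Assumed usage: python azorult_ioc_scan.py /path/to/scan
    scan_root = sys.argv[1] if len(sys.argv) > 1 else "."
    hits = scan_directory(scan_root)
    for path, algo, digest in hits:
        print(f"MATCH {algo}={digest} {path}")
    print(f"{len(hits)} matching file(s) under {scan_root}")
```

A file-hash sweep only finds the exact samples the advisory lists; a repacked or recompiled AZORult build will have different digests, so treat a clean result as "these specific samples are absent", not as proof the host is uninfected. Running the scan on a live host is also slower than matching against EDR or file-integrity telemetry you already collect, where the same hash sets can be loaded as a watchlist.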
