March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – StrongPity APT-C-41
March 2, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
March 2, 2021Rewterz Threat Alert – StrongPity APT-C-41
March 2, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
March 2, 2021
Severity
High
Analysis Summary
APT C-35 aka (Donot Team) has been actively dropping malicious files for template injection. The group has a history of attacking Pakistani government officials and military personnel and has been linked to India. They previously targeted Pakistani users with android malware named (StealJob) was used to target Pakistani android mobile users by Phishing on the name of “Kashmiri Voice” The attackers hunt for confidential information and intellectual property. The hackers’ targets include countries in South Asia, in particular, state sector of Pakistan.
Impact
Information theft and espionage
Indicators of Compromise
Filename
- OPS_requirements[.]doc
MD5
- 8cc87eb3667aecc1bd41018f00aca559
SHA-256
- 5259e34b599784c00d5084604f5c04763c46a5f8158308ebc8ddd61d787094a1
SHA1
- 90ac4bf2c600e81469e3531818eb7718142bc8b7
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.