Rewterz Threat Alert – E-Invoice dropping Danabot Banking Trojan

Severity

Medium

Analysis Summary

A large spam campaign is impersonating invoices. The attachment, titled “E-Invoice Orange”, is BrushaLoader, which downloads the banking Trojan Danabot, currently attacking clients of different banks.

Impact

Credential theft

Indicators of Compromise

URLs

  • sinoposdssf[.]info
  • statusnim[.]info
  • tefidnsops[.]info


Filename

E-Invoice Orange

Malware Hash (MD5/SHA1/SHA256)

  • 15fe51b93401fcf1ef6856e9d43504d8
  • 75f293b994dde5394dd955003e11ffc78a29c158

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious of emails sent by unknown senders.
  • Never click on links or attachments sent by unknown senders.
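
Before blocking, it helps to check whether the indicators above already appear in existing logs. The following is an added example, not part of the original advisory or Rewterz tooling: it refangs the listed domains, matches them on whole DNS labels so that subdomains hit but lookalike names do not, and matches the listed hashes case-insensitively. The log format and the sample lines are constructed for illustration.

```python
import re

# Indicators copied from this advisory (domains are defanged on the page).
DEFANGED_DOMAINS = ["sinoposdssf[.]info", "statusnim[.]info", "tefidnsops[.]info"]
HASHES = ["15fe51b93401fcf1ef6856e9d43504d8",
          "75f293b994dde5394dd955003e11ffc78a29c158"]
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}  # hex length -> algorithm


def refang(domain):
    """Turn a defanged indicator such as example[.]com back into a hostname."""
    return domain.replace("[.]", ".").strip().lower().rstrip(".")


IOC_DOMAINS = {refang(d) for d in DEFANGED_DOMAINS}
IOC_HASHES = {h.lower(): HASH_TYPES[len(h)] for h in HASHES}


def domain_hit(hostname):
    """Return the matching IoC domain if hostname equals it or is a subdomain."""
    labels = hostname.lower().rstrip(".").split(".")
    # Compare whole label suffixes so 'notstatusnim.info' does not match.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in IOC_DOMAINS:
            return candidate
    return None


def scan(lines):
    """Return (line_number, kind, indicator) for every IoC seen in the log lines."""
    token = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]*")
    hits = []
    for n, line in enumerate(lines, 1):
        for tok in token.findall(line):
            if tok.lower() in IOC_HASHES:
                hits.append((n, IOC_HASHES[tok.lower()], tok.lower()))
            elif (d := domain_hit(tok)):
                hits.append((n, "domain", d))
    return hits


# Constructed sample log lines (not real telemetry; format is an assumption).
SAMPLE = [
    "2019-07-02T09:14:03Z dns query client=10.0.0.5 name=cdn.statusnim.info. type=A",
    "2019-07-02T09:14:09Z dns query client=10.0.0.7 name=notstatusnim.info type=A",
    "2019-07-02T09:15:41Z proxy GET http://TEFIDNSOPS.info/a client=10.0.0.5",
    "2019-07-02T09:16:02Z av file=attachment.bin md5=15FE51B93401FCF1EF6856E9D43504D8",
]
```

Calling `scan(SAMPLE)` flags lines 1, 3 and 4 and skips the lookalike domain on line 2.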