March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Ratsnif – OceanLotus’s New Network Vermin
July 2, 2019Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability
July 3, 2019Rewterz Threat Alert – Ratsnif – OceanLotus’s New Network Vermin
July 2, 2019Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability
July 3, 2019
Severity
Medium
Analysis Summary
Large spam campaign impersonating invoices. Title “E-Invoice Orange” is attached brushaloader, which will download the banking Trojan danabot currently attacking clients of different banks.
Impact
Credential theft
Indicators of Compromise
URLs
- sinoposdssf[.]info
- statusnim[.]info
- tefidnsops[.]info
Filename
E-Invoice Orange
Malware Hash (MD5/SHA1/SH256)
- 15fe51b93401fcf1ef6856e9d43504d8
- 75f293b994dde5394dd955003e11ffc78a29c158
Remediation
- Block all threat indicators from your respective controls.
- Always be suspicious about emails sent by unknowns senders.
- Never click on the link/ attachments sent by unknown senders.