March 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Phishing Emails Containing Calendar Invitations
July 6, 2020Rewterz Threat Alert – Web Skimming (Magecart) attacks Targeted by North Korean Hackers
July 6, 2020Rewterz Threat Alert – Phishing Emails Containing Calendar Invitations
July 6, 2020Rewterz Threat Alert – Web Skimming (Magecart) attacks Targeted by North Korean Hackers
July 6, 2020
Severity
Medium
Analysis Summary
AZORult is a Trojan stealer that collects various data on infected computers and sends it to the C&C server, including browser history, login credentials, cookies, files from folders as specified by the C&C server (for example, all TXT files from the Desktop folder), cryptowallet files, etc.
The malware can also be used as a loader to download other malware.
Impact
- Information theft
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
URL
- http[:]//mervecapas[.]com[.]tr/images/index[.]php
- http[:]//raymondjaon[.]ug/rac2[.]exe
- http[:]//34[.]105[.]129[.]68/file_handler/file[.]php?
Remediation
- Block all threat indicators at your respective controls.
- Search for IOC’s in your environment