

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs
June 13, 2022
Rewterz Threat Alert – Hancitor InfoStealer – Active IOCs
June 13, 2022
Severity
High
Analysis Summary
Meterpreter, a trojan-type program, enables attackers to take control of affected machines remotely. This malware injects itself into compromised processes rather than creating new ones. Meterpreter can transmit and receive files, launch executable files, perform command shell operations, capture screenshots, and record keystrokes. The main objective of its distribution is either to generate revenue or to infect devices with additional malware. Infected email attachments, malicious online advertisements, and social engineering are some of its distribution methods. Cyber thieves can infect victims' systems with more malware, such as ransomware, by sending, receiving, and executing files using Meterpreter. Ransomware encrypts data, making it impossible for victims to use or access it unless they acquire decryption tools from the program's creators. Identity theft and the theft of banking information and passwords are the main impacts of this trojan.
Impact
- Information Theft
- File Encryption
Indicators of Compromise
MD5
- 25deb0a1483f814f03e15615a7435167
SHA-256
- a3923ee5beaaf05ceb65358ac7edb7562d0ac3aa9430e26e29bd0a3afd22361c
SHA-1
- 384ea05e3a2b474579bb5761ab3bb78b61c17771
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.