Rewterz Threat Alert – Ouija Malware – IoCs

January 1, 2020

Severity

Medium

Analysis summary

Ouija malware is similar to the Mirai botnet. The exploit source attempts to create a web shell and install malware with wget command. Mirai botnet is a malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. Ouija may take over unsecure IoT devices for the same purpose. Its C&C was detected to be 212[.]237[.]46[.]158.

Impact

DDoS
Information Theft
Taking over of IoT devices

Indicators of Compromise

Source IP

212.237.46[.]158
39.109.161[.]146

URL

hxxp[:]//212.237.46.158/mipsel

Remediation

Block the threat indicators at their respective controls.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Kraken and LockerGoga Ransomware – IoCs

Rewterz Threat Alert – New Tactics to Bypass Email Spam Filters for Delivering Sextortion Scams

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.