

Severity
Medium
Analysis Summary
The Ramnit malware has numerous variants, which may individually be categorized as trojans, viruses, or worms. The first Ramnit variants, discovered in 2010, were viruses that infected .exe, .dll, and HTML files found on a computer. Later variants added the ability to steal confidential data from the infected machine. Depending on the variant, Ramnit-infected machines can also be enslaved in a botnet.
Impact
- Information Theft
- Exposure of Sensitive Data
- Credential Theft
Indicators of Compromise
MD5
- be05e80b305820415eb46e15393b66f0
SHA-256
- d58184406f1719a9b303bbb7b0c99c2637d4b70375120218c04417391f160428
SHA-1
- 1ee70eb5f8465ac6cd0b8bb2267a953492c1f9ab
Remediation
- Block the threat indicators at their respective controls.
- Search for IOCs in your environment.