Rewterz Threat Alert – Lazarus APT Group – Active IOCs

August 24, 2021

Rewterz Threat Alert – APT32 Ocean Lotus – IOCs

August 24, 2021

Rewterz Threat Alert – Sodinokibi Ransomware – Active IOCs

August 24, 2021

Severity

High

Analysis Summary

Sodinokibi ransomware usually targets victims, infecting systems via Microsoft Office documents. After encryption, a ransom note is found on infected systems. The ransomware usually demands a ransom of $850k or $1.7m for decrypting the files on the target system. The ransomware has re-emerged in cyberspace after a few months, earlier campaigns dating back to July and August 2020. Recently, few samples of Sodinokibi were found being distributed.

Impact

Files encryption
Information theft

Indicators of Compromise

MD5

2075566e7855679d66705741dabe82b4

SHA-256

12d8bfa1aeb557c146b98f069f3456cc8392863a2f4ad938722cd7ca1a773b39

SHA-1

136443e2746558b403ae6fc9d9b40bfa92b23420

Remediation

Block the threat indicators at their respective controls.
Do not download files attached in untrusted emails.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Multiple Microsoft AutoUpdate Vulnerabilities

ICS: Multiple Siemens TeleControl Server Vulnerabilities

ICS: Multiple Hitachi Vantara Pentaho Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Lazarus APT Group – Active IOCs

Rewterz Threat Alert – APT32 Ocean Lotus – IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.