Rewterz

Rewterz Threat Alert – Remcos RAT – Active IOCs

August 17, 2022
Rewterz

Rewterz Threat Alert – AveMaria RAT – Active IOCs

August 17, 2022

Rewterz Threat Alert – WannaCry Ransomware – Active IOC

Severity

High

Analysis Summary

WannaCry – aka WCry or WanaCrptor – is one of the most dangerous ransomware infections that initially surfaced in a worldwide strike in May 2017, affecting over 150 nations. This ransomware outbreak in 2017 wreaked havoc on hospitals, banks, and telecommunication firms all around the world. It has worm-like qualities and uses the SMBv1 vulnerability EternalBlue to propagate through a computer network. WannaCry encrypts user data and demands a Bitcoin payment in order to unlock them.

Impact

  • File Encryption

Indicators of Compromise

MD5

  • 4d9c771619255c9b937c34b4c50cec7e

SHA-256

  • adb41a37499a6f0f5b1e58b1973367dd34a695293dc1fed601c79d21fd0754c1

SHA-1

  • 55177cd9cefc6369db31b23e324d3263b4d4e6a6

Remediation

  • Block all threat indicators at your respective controls
  • Search for IOCs in your environment.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.