Rewterz Threat Alert – TeamTNT with New Campaign aka “Chimaera”
September 10, 2021
Rewterz Threat Alert – NJRAT – Active IOCs
September 10, 2021
Severity
High
Analysis Summary
Malicious indicators have been found tied to exploitation of the latest addition to Microsoft's zero-day list, and threat actors continue to target organizations with this vulnerability.
CVE-2021-40444
An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Impact
- Remote Code Execution
Indicators of Compromise
Remediation
- Block all threat indicators at their respective controls.
- Search for IOCs in your environment.