Rewterz Threat Alert – AZORult Malware – Active IOCs
November 22, 2021
Severity
Medium
Analysis Summary
Smokeloader is a popular bot and a veteran in its field. It is used mainly for loading other malicious software, usually obtained from a third party. It can also load its own modules, allowing it to conduct a variety of actions without external components. The seller of Smokeloader (known by the handle SmokeLdr) remains active in providing this malware as a service to this day.
Impact
- Information Theft
- Exposure of Sensitive Data
Indicators of Compromise
MD5
SHA-256
SHA-1
Remediation
- Exercise caution when receiving messages from unknown senders.
- Block all threat indicators at your respective controls.
- Keep your software updated to the latest patches.
- Search for IOCs in your environment.