Rewterz Threat Advisory – CVE-2022-31768 – IBM InfoSphere Information Server Vulnerability
June 8, 2022Rewterz Threat Advisory – CVE-2022-22396 – IBM Spectrum Protect Plus Vulnerability
June 8, 2022Rewterz Threat Advisory – CVE-2022-31768 – IBM InfoSphere Information Server Vulnerability
June 8, 2022Rewterz Threat Advisory – CVE-2022-22396 – IBM Spectrum Protect Plus Vulnerability
June 8, 2022Severity
Medium
Analysis Summary
AveMaria RAT is a remote access trojan that targets Windows systems that provides the capability to gain unauthorized access to a victim’s PC or allow covert surveillance of it. It acts as a keylogger, can steal passwords, escalate privileges, and much more. AveMaria, like most malware, first arrives at systems as a result of phishing mails (as invoices and shipping orders), but is also available on the dark web for subscriptions.
Impact
- Unauthorized Access
Indicators of Compromise
MD5
- d0cffe2fce55cdee9cc00917513a601e
- fb9f4ad7f49f3badc2184d6c0bcbb307
- 31c2210575bbe8d39a0bc5c785433675
- 3c8cdd5010549e30c9b167d483e3baa7
- 9f50a24a0db22e63b5da4de397237468
SHA-256
- ecc62758ef557c2ed6796ad203c9df3a19f2b10edbfa1c3291f7a64f04286233
- 9878839e2117d5885c3a566f1836fca388f39a50e08bfb8eeaeba55ccc5a828e
- 36981ea2e9ccb73809a6fe8956552f0e84a39e7684fc1982b6f52a2ce0ffd11d
- 8ab6895551c1b4cb68242c164d4c78363b683554674c3231a405b663d0684485
- c1729509a8e0eb288cd9e82c43d193af9758e4ae92df71e03ee4a5987df86572
SHA-1
- 3391388ade8cf16ffe0d053b2a77d482df443055
- f443bafbe0645a578ea0ba3e4988f8afe1f4cc19
- 54cdd102d215a5edcb99d4ae1e47d0bbc5be5c7f
- 3ab386eb2e777a8a8202b75fe012a9a51cba7ffc
- 1311902aa93d66aec20f947264bb979c473576db
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.