Severity
Medium
Analysis Summary
Matiex, first observed in July 2020, is a keystroke logger that is capable of taking screenshots, recording sound with the computer microphone, and storing data to the system clipboard. Cyber criminals use it to capture sensitive data such as logins, passwords, credentials, and other information. The malware generates fake pop-ups and also has a self-destruction feature that lets it uninstall itself automatically after a particular time. It is sold in underground forums, and its popularity comes from its ease of use and price. It was recently used to target industrial organizations in an information theft campaign.
Impact
- Credential Theft
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for indicators of compromise (IOCs) in your environment utilizing your respective security controls.
- Emails from unknown senders should always be treated with caution.
- Never trust or open links and attachments received from unknown sources/senders.