November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – F5 Multiple Products glibc Denial of Service Vulnerability
March 26, 2019Rewterz Threat Advisory – Apache Tomcat SETTINGS Denial of Service Vulnerability
March 26, 2019Rewterz Threat Advisory – F5 Multiple Products glibc Denial of Service Vulnerability
March 26, 2019Rewterz Threat Advisory – Apache Tomcat SETTINGS Denial of Service Vulnerability
March 26, 2019
Severity
Medium
Analysis Summary
Another account themed malspam phishing campaign has been observed and is actively luring users to click on the links attachments given on the email. Threat indicators are provided.
Indicators of Compromise
| URLs | hxxps://aliyunn[.]xyz/scanned/1000089500_mc.pdf hxxp://151.80.241[.]109/windowns.exe hxxp://bepargotunhis[.]host/smkbg/ |
| Email Address | iyyappan.tut[@]psts[.]in |
| Malware Hash (MD5/SHA1/SH256) | 1340bede5863bae18568e2bf19d94406 79e3791356d2b23d1b7774d8ad908da4 |
Remediation
- Block threat indicators at your respective controls.
- Always be suspicious of the emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.