
Rewterz Threat Alert – Android Banking Trojan

December 7, 2020

Severity

High

Analysis Summary

A banking trojan is targeting mobile app users in different regions, and it appears likely to spread further. Researchers describe the banking trojan as a full-fledged spy in your pocket that its operators can access remotely. Cybercriminals can use the trojan to bypass financial institutions’ security and antifraud measures in order to make fraudulent transactions on the victim’s smartphone.

Impact

  • Information theft
  • Financial loss

Indicators of Compromise

Filename

  • 18456_Video_Player[.]apk

MD5

  • b809ff4b3f0e178638bebd72c22e910d

SHA-256

  • c44e26c9aefe7dee8e48c548625dbf7a2c0132eb104dc93e18c71cfb84c9d797

SHA1

  • ab089a3f933b67fc28de51b90b477465de32e369

URL

  • http[:]//alcades38[.]xyz/login
  • http[:]//caserne3[.]xyz/login

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.
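
One way to carry out the IOC search, as an added example that is not part of the original advisory: it refangs the URLs listed above, matches their hosts (including subdomains) in proxy-style log lines, and checks a file against the listed SHA-256. The log format, the sample lines and all function names are assumptions constructed for illustration.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from this advisory, kept in their defanged form.
DEFANGED_URLS = ["http[:]//alcades38[.]xyz/login", "http[:]//caserne3[.]xyz/login"]
SHA256_IOCS = {"c44e26c9aefe7dee8e48c548625dbf7a2c0132eb104dc93e18c71cfb84c9d797"}

def refang(indicator):
    """Undo the [.] / [:] defanging so the value can be compared with logs."""
    return indicator.replace("[.]", ".").replace("[:]", ":")

IOC_HOSTS = {urlsplit(refang(u)).hostname for u in DEFANGED_URLS}
DOMAIN_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+")

def match_line(line):
    """Return the IOC host a log line refers to (exact or subdomain), else None."""
    for token in DOMAIN_RE.findall(line.lower()):
        for host in IOC_HOSTS:
            # Require a label boundary so look-alike names do not match.
            if token == host or token.endswith("." + host):
                return host
    return None

def scan(lines):
    """Return (line_number, ioc_host) for every line that hits an indicator."""
    return [(n, h) for n, line in enumerate(lines, 1) if (h := match_line(line))]

def file_matches_ioc(path):
    """Hash a file in chunks and compare it with the advisory's SHA-256."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest() in SHA256_IOCS

def sample_log():
    """Constructed proxy log lines (not real telemetry) for a dry run."""
    a, b = (refang(u) for u in DEFANGED_URLS)
    return [
        f"2020-12-07T10:01:02Z 10.0.0.5 GET {a} 200",
        f"2020-12-07T10:01:09Z 10.0.0.7 CONNECT www.{urlsplit(b).hostname}:443 200",
        f"2020-12-07T10:02:00Z 10.0.0.9 GET {a.replace('//', '//not')} 200",  # look-alike
        "2020-12-07T10:03:00Z 10.0.0.5 GET http://example.com/ 200",
    ]

if __name__ == "__main__":
    for hit in scan(sample_log()):
        print(hit)
```

Feed `scan()` real proxy, DNS or firewall log lines and point `file_matches_ioc()` at APKs pulled from devices or an MDM inventory; the MD5 and SHA1 values can be checked the same way with the matching `hashlib` constructor.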