Severity
High
Analysis Summary
Cyber espionage actors, aka APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully-featured malware, in conjunction with commercially-available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
Impact
- Espionage
- Exposure of data
- Information theft
Indicators of Compromise
MD5
67802c35280a33ccecb3d19946e03b5f
SHA-256
f0a05aaed382f667c49f74f005a754cf50852cbc9b33a9546469cd6db26b8ece
SHA1
06dff731e9f9cd4f2c401d44c02cc42d5e32deb9
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.