• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Anubis and Spynote Malware Distributed via Fake Covid-19 Applications
June 15, 2020
Rewterz Threat Alert – Indian APT Group Targeting Pakistani Government
June 15, 2020

Rewterz Threat Alert – APT Group Lazarus – IOCs

June 15, 2020

Severity

High

Analysis Summary

Following samples of Lazarus group, an state sponsored threat actor targeting financially organizations for their gains have been active again and actively targeting different organizations via phishing emails dropping malicious word documents which enables macro when downloaded and executed. Previously these campaigns were specifically crafted to target Russian organizations but now they’ve shifted their tilt towards Asia pacific region.

Impact

  • Credential theft
  • Financial loss
  • Exposure of sensitive information

Indicators of Compromise

MD5

  • ccdb051ad65d9f443206d659427d155f
  • 2a9e49fc80fe5124ac98ff5b874fb4d4
  • 84aa5a019b9c50118a9a42a197358060
  • b981a4624183e721a3784426c69b2f59
  • a90f62abee9a761a9576a33ae99b583c

SHA-256

  • 6f79db3e7fa1f3c9e1ea2e0fe098994f109949f82b97c6612386693164d3c7e2
  • ca3372bb37e7109896c28247faadd157759d5e68ac324a54ff0759590f956094
  • 4dc302e1f7cf8bdc4983fdf02cf5b13bcd9314bb87953b9c6797187700192665

SHA1

  • 6a097255fda2271f241a74c0608a38b913fe83ad
  • e516e27ee82022413637e8411fb66fc78968ac4f
  • e6b4362f843437789b2d7854a390a372a28ffc9a

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your respective environments.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.