• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Latest Trickbot – IOCs
June 22, 2020
Rewterz Threat Alert – Nefilim/Nephilim Ransomware Campaign
June 22, 2020

Rewterz Threat Alert – APT Group Lazarus – IOCs

June 22, 2020

Severity

High

Analysis Summary

Following samples of Lazarus group, an state sponsored threat actor targeting financially organizations for their gains have been active again and actively targeting different organizations via phishing emails dropping malicious word documents which enables macro when downloaded and executed. Previously these campaigns were specifically crafted to target Russian organizations but now they’ve shifted their tilt towards Asia pacific region.

Impact

  • Credential theft 
  • Financial loss 
  • Exposure of sensitive information

Indicators of Compromise

MD5

  • 18833939ade00657f8ea111c579d5c1b
  • b1913ca7a8e730a60bf498d3a056cfea
  • c984239172e847fcf57ccb906040cc0c

SHA-256

  • 6d461bf3e3ca68b2d6d850322b79d5e3e647b0d515cb10449935bf6d77d7d5f2
  • 6caa98870efd1097ee13ae9c21c6f6c9202a19ad049a9e65c60fce5c889dc4c8
  • c4875cc728e7c4bc00646df57c8c38370fe11439e4c95e38040ba84fe27eb0b9

SHA1

  • e00dcb35db80b84df6f8588783d2f1b50825b775
  • ac4d94ec5bafe46ad5a9b82bb1451883b8fb893b
  • 1e960dd268a436bdeda44b2374208bd95089cd1d

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.