October 29, 2021
Severity
High
Analysis Summary
The SideWinder Advanced Persistent Threat (APT) group has been using recent territorial disputes between China, India, Nepal, and Pakistan as phishing lures. Its goal is to gather sensitive information from targets located mainly in Nepal and Afghanistan. According to researchers, the targets include multiple government and military units in the region, among them the Nepali Ministries of Defence and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defence, and the Presidential Palace in Afghanistan.
Impact
- Information Theft and Espionage
Indicators of Compromise
Filename
- Declaration of Asset[.]zip
MD5
- adea8cd7763a981814d3563645193654
SHA-256
- 8056ef141ba7327874c0b79b75cd7b4729f53319ece3e0630faf2eef90191657
SHA-1
- 341aa563e9b96c0d675250a7665ecf96f25acf8f
Remediation
- Block all of the threat indicators listed above at your respective security controls.
- Search for these IOCs (file hashes and the lure filename) across your environment.
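The following script is an added illustration of the "search for IOCs in your environment" step and is not part of the Rewterz alert or its tooling. It embeds the hashes and the refanged filename from the indicator list above, walks a directory tree, hashes each regular file once (MD5, SHA-1 and SHA-256 in a single read), and reports any file whose digest or name matches. The directory layout, sample paths and the clean test content used here are assumptions for demonstration only.

```python
"""Hash-and-filename IOC sweep for the SideWinder indicators in this alert.

Added example (not Rewterz code). Walks a directory tree, hashes every regular
file once (MD5, SHA-1, SHA-256 computed in a single read) and reports files
whose digest or name matches an indicator.
Usage: python ioc_sweep.py <root-directory>
"""
import hashlib
import os
import sys
from dataclasses import dataclass

# Hash IOCs copied from the alert above (hex digests, lower-case).
IOC_HASHES = {
    "md5": {"adea8cd7763a981814d3563645193654"},
    "sha1": {"341aa563e9b96c0d675250a7665ecf96f25acf8f"},
    "sha256": {"8056ef141ba7327874c0b79b75cd7b4729f53319ece3e0630faf2eef90191657"},
}
# Filename IOC from the alert, refanged ("[.]" -> ".") and lower-cased so the
# comparison is case-insensitive, as Windows file systems are.
IOC_FILENAMES = {"declaration of asset.zip"}


@dataclass(frozen=True)
class Match:
    path: str
    indicator: str  # "md5", "sha1", "sha256" or "filename"
    value: str


def hash_bytes(data):
    """Return (md5, sha1, sha256) hex digests of an in-memory byte string."""
    return (hashlib.md5(data).hexdigest(),
            hashlib.sha1(data).hexdigest(),
            hashlib.sha256(data).hexdigest())


def hash_file(path, chunk_size=1 << 20):
    """Return (md5, sha1, sha256) hex digests, streaming the file in 1 MiB
    chunks so that large archives never have to fit in memory."""
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha1.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha1.hexdigest(), sha256.hexdigest()


def match_indicators(path, digests, ioc_hashes=IOC_HASHES, ioc_filenames=IOC_FILENAMES):
    """Compare one file's name and its (md5, sha1, sha256) digests against the
    IOC sets. Returns a list of Match objects, empty when nothing matched."""
    matches = []
    name = os.path.basename(path).lower()
    if name in ioc_filenames:
        matches.append(Match(path, "filename", name))
    for kind, digest in zip(("md5", "sha1", "sha256"), digests):
        if digest.lower() in ioc_hashes.get(kind, ()):
            matches.append(Match(path, kind, digest.lower()))
    return matches


def scan_tree(root, ioc_hashes=IOC_HASHES, ioc_filenames=IOC_FILENAMES):
    """Walk `root` and return every Match found. Symlinks are skipped so a
    planted link cannot steer the scan outside the tree or into a loop, and
    unreadable files are skipped rather than aborting the whole sweep."""
    results = []
    for dirpath, _dirs, filenames in os.walk(root):
        for fn in filenames:
            path = os.path.join(dirpath, fn)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                digests = hash_file(path)
            except OSError:
                # Locked or permission-denied: still evaluate the name indicator.
                digests = ("", "", "")
            results.extend(match_indicators(path, digests, ioc_hashes, ioc_filenames))
    return results


if __name__ == "__main__":
    hits = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for hit in hits:
        print(f"{hit.indicator}\t{hit.value}\t{hit.path}")
    sys.exit(1 if hits else 0)
```

A filename hit on its own is weak evidence (the lure name is generic enough to collide with legitimate documents), so treat it as a trigger for hashing and further triage rather than as confirmation; a hash hit is definitive for that sample but, as with any hash-based IOC, says nothing about recompiled or repacked variants.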