Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
July 16, 2021
Rewterz Threat Alert – Remcos RAT – Active IOCs
July 16, 2021
Severity
High
Analysis Summary
Cyber espionage actors known as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
Impact
- Information theft and espionage
Indicators of Compromise
MD5
- 8deaf6a4e5e03b3e72d9279f7d8d60e1
SHA-256
- 0bbd75112062602c9cbbf081273b370cff6946decf7a81af6cb8f809c0f395fc
SHA-1
- 7df70349081f827c344dde28ea661672de1a68c9
Remediation
- Block all threat indicators at their respective controls.
- Search for all IOCs in your environment.