Rewterz Threat Alert – Donot APT Group – IOCs
July 26, 2021
Rewterz Threat Alert – SmokeLoader Malware – Active IOCs
Severity
High
Analysis Summary
Cyber espionage actors known as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
Impact
- Information theft and espionage
Indicators of Compromise
MD5
- 204e1ad9eb40cdb8270dc9f4d5dfa0ab
SHA-256
- f8b97f049905bc1d92291ea4d73d01215330901aed362cca46b43a92ec027c5c
SHA-1
- 4f796cf35a0631a34a15198323ae7335b38b8ac0
Remediation
- Block all threat indicators at their respective controls.
- Search for all IOCs in your environment.