

Rewterz Threat Alert – Lokibot Malware – Active IOCs
July 27, 2021
Rewterz Threat Alert – Quasar RAT – Active IOCs
July 28, 2021
Severity
High
Analysis Summary
The cyber espionage group APT32 (also known as OceanLotus Group) is carrying out intrusions into private sector companies across multiple industries and has also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations aligned with Vietnamese state interests.

Impact
- Information theft and espionage
Indicators of Compromise
MD5
- 48d20d11a7ceaf25b91a53a78c8e12a6
SHA-256
- e0e993e5237760772fa7089f635e39d0f4406dc6ca4eba34d65999ea3bc3c7e3
SHA-1
- 656576d892bdf6b0705175813ff614b8e7f01995
Remediation
- Block all threat indicators at their respective controls.
- Search all IOCs in your environment.